Web Application Firewall (WAF)

A Web Application Firewall is enabled by default on all your environments. It allows you to monitor activity on your web application and block malicious attacks.

WAF Protections

The Artifakt WAF offers several types of protections for your web application:

Type | Description
DDOS | Prevents attacks caused by HTTP, UDP, TCP and QUIC floods.
OWASP | OWASP Core Ruleset provides protection against common attack categories, including SQL Injection, Web trojans and Cross-Site Scripting.
BOT (Add-on) | Prevents well-known malicious or bad bots from crawling your website.
APPLICATION | Custom Firewall rules designed to provide fast and performant protection for your web applications such as Magento, Drupal or WordPress.

The WAF is enabled by default on all your environments and cannot be disabled.

Traffic Classification

To determine the behavior to be applied to the traffic, a score is automatically assigned to each request according to its nature, origin and type of traffic. When this score exceeds the vigilance threshold, 3 different types of WAF actions can be triggered:

Type | Description
Block | The request has triggered a Firewall rule or we know for sure the request is a malicious attack. Artifakt WAF blocks this request.
Challenge | The request demonstrated previous suspicious activity online or we don't know for sure the request is malicious. Artifakt WAF displays a CAPTCHA.
Log | The request is not suspicious enough to trigger a verification mechanism, but potentially deserves your attention. Artifakt WAF logs the request.

Sometimes, the automatic classification may be wrong, and a legitimate request could be blocked incorrectly. This is what we call a false positive.

If you think this is happening for one of your environments or if you see the page below while browsing your web application, please contact our Support team and give them the Ray ID displayed at the bottom of the page. Exceptions can be added to prevent this behavior from happening again in the future.

[Image: WAF Blocking Page]

WAF Monitoring

To access data and logs returned by the WAF, navigate to Environment → Monitoring → WAF.

The data can be filtered by:

  • Time frame

  • Type (Block, Challenge or Log)

  • Country

  • IP Address

The graph as well as the table of events will automatically update according to the filters selected.

Artifakt WAF is in General Availability but the WAF monitoring dashboard is currently in Beta.