Here's a procedure to check that the Web application firewall is working properly and that you understand it:
- First check that the Web application firewall is correctly enabled on your reverse website.
- The WAF icon must be green.
- Click on the Shield icon and ensure that the Default Action is set to “Alert And Deny”.
Open a browser and enter one of these URLs:
https://example.com/?id=1 and 'c'='c'
http://www.example.com/?q="><script>alert(1)</script>'
You should see a 405 error page, which means the Web Firewall has detected a malicious query to your Web site, such as SQL injection or XSS injection.
- On the top menu, click on “Web Firewall”, which lists all accesses to your Web site; you should see red events.
- Click on the Reports tab.
- You should see details of the detected attack and the rule that matches your queries.
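
The browser step above can also be run from a terminal. The script below is an added example, not part of the product or of the original procedure: it sends the same two test queries with curl and reports whether each one receives the expected 405. The script name `waf_check.sh` and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: replays the two test requests from the procedure with curl.
# Run it against a site you administer: sh waf_check.sh https://example.com

# Map an HTTP status code to a verdict. The procedure expects a 405 page
# when the WAF Default Action is "Alert And Deny".
waf_verdict() {
    case "$1" in
        405) echo "BLOCKED" ;;
        000) echo "UNREACHABLE" ;;   # curl prints 000 when no HTTP response arrived
        *)   echo "NOT_BLOCKED" ;;
    esac
}

# Send one probe: $1 = base URL, $2 = parameter name, $3 = raw parameter value.
# -G with --data-urlencode places the URL-encoded value in the query string.
# Redirects are not followed, so the status reported is the first answer received.
probe() {
    curl -s -o /dev/null -w '%{http_code}' --max-time 10 \
         -G --data-urlencode "$2=$3" "$1/"
}

# Run both probes and return non-zero if either one was not denied.
run_checks() {
    base=${1%/}
    failed=0
    # The two test values are the ones given in the procedure.
    for spec in "id|1 and 'c'='c'" "q|\"><script>alert(1)</script>'"; do
        name=${spec%%|*}
        value=${spec#*|}
        status=$(probe "$base" "$name" "$value") || status=000
        verdict=$(waf_verdict "$status")
        printf '%-12s %s  %s=%s\n' "$verdict" "$status" "$name" "$value"
        [ "$verdict" = "BLOCKED" ] || failed=1
    done
    return "$failed"
}

# Requests are sent only when a base URL is passed on the command line.
if [ "$#" -ge 1 ]; then
    run_checks "$1"
fi
```

A `NOT_BLOCKED` line means the request reached the site without the 405 page; recheck the WAF icon and the Default Action, then look for the matching events under “Web Firewall”.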