WAF Protection

Enabled by default when creating proxy zones, WAF is a layered approach to security and an important component of a multitiered approach to bad actor mitigation.

Though not intended to be a protection from all possible bad actors, WAF protects production and development storefront host-names from certain code-level vulnerabilities. These vulnerabilities can include SQL injection attacks, cross-site scripting, and Open Web Application Security Project (OWASP)-identified threats targeting the application layer.

When using WAF, keep the following in mind:

WAF monitors Internet traffic, examining all HTTP or HTTPS (full site) and Ajax (small data snippet) requests made to your storefront. It incorporates the OWASP most common web application vulnerabilities to determine an effective rule set. Rules can be based on multiple request attributes such as user-agent, path, country, query string, IP address, and more.

WAF performs several functions to help protect your storefront.

WAF default settings provide a sensitivity mode of Low and an action of Challenge.

X Privacy Update: We use cookies to make interactions with our websites and services easy and meaningful, to better understand how they are used. By continuing to use this site you are giving us your consent to do this. Privacy Policy.