Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  X-Headers from Imperva

    Posted 08-05-2020 06:14
    Hello,
    Does Imperva add X-Original-URl or X-Reqrite-URL to requests or responses?
    Thank you.
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Alexander Martyniuk
    ------------------------------


  • 2.  RE: X-Headers from Imperva

    Posted 08-05-2020 13:49
    Edited by Jaired Anderson 08-24-2020 13:53
    Hi Alexander,

    Per design, Cloud WAF proxies the original request to the Origin. This of course, excludes attack traffic.

    I believe you might be asking - When rewrite rules are in place, does Imperva Cloud WAF append a header containing the original requested URI?

    By default, this information is not passed. However, Abhishek has an answer below using custom rules.

    ------------------------------
    Jaired Anderson
    Principal Consultant
    Imperva
    Tulsa OK
    ------------------------------



  • 3.  RE: X-Headers from Imperva

    Posted 08-24-2020 13:12
    The request to origin and response to client can have requested path as below.  Use the ADR rule for request rewrite and resposne rewrite, example below.
    Check for supported variables https://docs.imperva.com/bundle/cloud-application-security/page/rules/create-rule.htm



    Strict-Transport-Security: max-age=31536000
    X-CDN: Incapsula
    X-Original-URl: /requesturipath

    ------------------------------
    Abhishek Gupta
    Customer Success team
    Imperva
    ------------------------------