Imperva Cyber Community

Expand all | Collapse all

Request body rewrite in WAF

  • 1.  Request body rewrite in WAF

    Posted 17 days ago
    Hi Community,

    I am new to Imperva products, so my question may have an obvious answer - if so please just show me to the section in the documentation :)

    My customer is using Imperva Cloud WAF and now they are about to implement a custom compression algorithm. The algorithm will essentially use its knowledge of the data to effectively transform it. The client will compress the data and the server will decompress it before it reaches an API endpoint.

    Now the tricky question I am struggling with is where to put the decompression. Putting it in front of WAF is difficult because SSL is not yet terminated. So in order to decompress before WAF we will need to terminate the SSL, decompress, re-SSL again, and send to WAF - this looks very complex and redundant.

    If we put it behind WAF, then WAF will be less effective because it wouldn't understand the contents of the package and miss attack patterns.

    An ideal scenario for me seems to be some sort of integration where we could decompress and rewrite the content, and WAF would check the decompressed message. Is this something that is possible to implement? Or are there other ways to solve the same need?

    Thank you for all the help.
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Anton Baranenko
    Join the Dots BV
    Huldenberg
    ------------------------------


  • 2.  RE: Request body rewrite in WAF

    Community Manager
    Posted 4 days ago
    Hi Anton,

    I had a conversation with a support colleague and he suggested that you may need to raise a support ticket for this as they would need to ask a number of questions to understand the specifics of your requirements.

    I hope you get the information you need.

    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------