Imperva Cyber Community

Expand all | Collapse all

On-premise WAF protection against L7 Slow HTTPs attacks.

  • 1.  On-premise WAF protection against L7 Slow HTTPs attacks.

    Posted 08-17-2021 09:25
    How can On-premise WAF be protected from Slow HTTPs attacks? Built-in policy does not help

    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Andrei Nalivaika
    Cyber Security Expert
    Minsk
    ------------------------------


  • 2.  RE: On-premise WAF protection against L7 Slow HTTPs attacks.

    Imperva Employee
    Posted 08-18-2021 08:50
    Hi Andrei,

    The policy should block slow http attack - as you can see the attack would be blocked after a specific amount of connections simultaneously attacking the server.
    I suggest to set it to 1 for tests , if this won't help it is better to involve Imperva customer support.

    ------------------------------
    Michael Sorin
    Software Engineer
    Tel Aviv CA
    ------------------------------