Sorry, I didn't notice that is only for CloudWAF.
I tried to find out about Websockets on-site WAF timeouts but
I found nothing. You should open the case and ask support.
------------------------------
Karol Gruszczynski
IT SECURITY EXPERT
Trafford IT
Warsaw
------------------------------
Original Message:
Sent: 09-22-2021 09:05
From: Sascha Rudolph
Subject: WebSocket Timeout
Thanks for your answer. We already enabled WebSocket communication.
The default timeouts you mentioned are refered to Cloud-WAF or are these also the default timeout values for on-premise WAF?
------------------------------
Sascha Rudolph
Sec Admin
Frankfurt Am Main
Original Message:
Sent: 09-22-2021 08:06
From: Karol Gruszczynski
Subject: WebSocket Timeout
Hi,
Imperva on-premise WAF doesn't support WebSocket in security meaning.
To enable WebSocket communication, you have to do:
To enable WebSocket communication:
- Login to SecureSphere.
From the Landing Page, click Configure Security, then select Security.
Or, from Classic view, in the Main workspace, select Policies > Security. The Security window appears.
- In the Policies pane, under the Web Service Custom policy group, locate the Websocket Upgrade policy and click it.
- Under the Policy Configuration section, clear the Enabled check box.
- In the Policies pane, under the HTTP Protocol Validation policy group, locate the Web Protocol Policy and click it.
- Locate the HTTP WebSocket Violation policy rule and check the Enabled check box.
- Apply Severity, Action and Followed Action values as necessary.
https://docs.imperva.com/bundle/v12.6-management-server-manager-user-guide/page/58930.htm
What about timeouts?
Imperva default timeouts
- The idle connection timeout for HTTP is 6 minutes.
- The idle connection timeout for WebSocket/non-HTTP traffic is 30 minutes.
In order to prevent timeouts, you may want to align your application timeouts with the default Imperva timeouts.
https://docs.imperva.com/bundle/cloud-application-security/page/websocket.htm
------------------------------
Karol Gruszczynski
IT SECURITY EXPERT
Trafford IT
Warsaw
Original Message:
Sent: 09-22-2021 04:20
From: Sascha Rudolph
Subject: WebSocket Timeout
Hi,
we are using an on-premise WAF and configured WebSocket for one Site. Does anyone know the connection timeout for WebSocket? Are these the same values like configured under "Advanced HTTP Settings"?
Best regards,
Sascha
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Sascha Rudolph
Sec Admin
Frankfurt Am Main
------------------------------