Imperva Cyber Community

  • 1.  WebSocket Timeout

    Posted 09-22-2021 04:28
    Hi,
    we are using an on-premise WAF and configured WebSocket for one Site. Does anyone know the connection timeout for WebSocket? Are these the same values as configured under "Advanced HTTP Settings"?

    Best regards,
    Sascha
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Sascha Rudolph
    Sec Admin
    Frankfurt Am Main
    ------------------------------


  • 2.  RE: WebSocket Timeout

    Posted 09-22-2021 08:07
    Hi,


    Imperva on-premise WAF doesn't support WebSocket in the security sense.
    To enable WebSocket communication, you have to do the following:

    1. Log in to SecureSphere.

      From the Landing Page, click Configure Security, then select Security.
      Or, from Classic view, in the Main workspace, select Policies > Security. The Security window appears.

    2. In the Policies pane, under the Web Service Custom policy group, locate the Websocket Upgrade policy and click it.
    3. Under the Policy Configuration section, clear the Enabled check box.
    4. In the Policies pane, under the HTTP Protocol Validation policy group, locate the Web Protocol Policy and click it.
    5. Locate the HTTP WebSocket Violation policy rule and check the Enabled check box.
    6. Apply Severity, Action and Followed Action values as necessary.


    https://docs.imperva.com/bundle/v12.6-management-server-manager-user-guide/page/58930.htm


    What about timeouts?

    Imperva default timeouts

    • The idle connection timeout for HTTP is 6 minutes.
    • The idle connection timeout for WebSocket/non-HTTP traffic is 30 minutes.

    In order to prevent timeouts, you may want to align your application timeouts with the default Imperva timeouts.


    https://docs.imperva.com/bundle/cloud-application-security/page/websocket.htm




    ------------------------------
    Karol Gruszczynski
    IT SECURITY EXPERT
    Trafford IT
    Warsaw
    ------------------------------



  • 3.  RE: WebSocket Timeout

    Posted 09-22-2021 09:05
    Thanks for your answer. We already enabled WebSocket communication. 
    Do the default timeouts you mentioned refer to Cloud-WAF, or are these also the default timeout values for the on-premise WAF?

    ------------------------------
    Sascha Rudolph
    Sec Admin
    Frankfurt Am Main
    ------------------------------



  • 4.  RE: WebSocket Timeout

    Posted 09-22-2021 10:21
    Sorry, I didn't notice that it is only for CloudWAF.
    I tried to find out about WebSocket timeouts on the on-site WAF, but I found nothing.
    You should open a case and ask support.




    ------------------------------
    Karol Gruszczynski
    IT SECURITY EXPERT
    Trafford IT
    Warsaw
    ------------------------------