Unanswered Threads

I have been working through configuration of the logsdownloader.py from GitHub - imperva/incapsula-logs-downloader: A Python script for downloading log files from Incapsula. I've troubleshot about as much as I can, and believe I am entering the "I have missed some very minor tweak OR I have missed some fundamentally simple tweak, but can't seem to see it" territory: Python 3.6.8 RHEL 8 Requirements already installed: pycrypto m2crypto urllib3 Though there were a lot of requirements ... More

Hi community, In the current release note to the V13.6.0.85 we found a resolved issue, which was marked as critical and was resolved. Does anybody has some information about this critical WAF vulnerability? It wasn't mentioned on any track before. Link to docs: https://docs.imperva.com/bundle/v13.6-release-notes/page/80100.htm Imperva Imperva Documentation Portal View this on Imperva > best regards Stefan #On-PremisesWAF(formerlySecuresphere) ... More

Hi Guys, I hope you're all well. I've recently started using the Imperva CWAF - CLI and for some weird reason the restore command is not working. I'm able to export config file of a site but the restore does not work. What's the point of exporting when you can't import it back?? incap site restore --domain=www.example.com /Users/<name>/backups/www.template.com.json If anyone can help me get this working or correct any mistake that I have made it would be appreciated. Thanks in advance. Regards, ... More

Hi Folks, Hope you're all well. Is there any command/script in CWAF-CLI to export all the exceptions that have been added under WAF settings for each threat type? (It can be either a single site export or one export for all the sites) Please let me know if this possible with the CWAF-CLI!? Thanks in advance for your help! Regards, Shrinik #CloudWAF(formerlyIncapsula) ------------------------------ Shrinik Srinivasa Security Analyst PageUp Melbourne, Australia --------------------------- ... More

Hi, Is Imperva have any link to check for best practices/recommendations? Like for the below list. 1. Deny Ping/ICMP from Internet and Intranet 2. Allow only HTTPS access to WebUI and SSH only to CLI 3. HTTP WebUI redirection Thank you. #On-PremisesWAF(formerlySecuresphere) ------------------------------ Oliver Naabay Engineer Makati ------------------------------ More

Dears I have DB Server include multiple DBs. During the implementation I didn't define the DBs under the Application, so all the DB Profiling was added under Default Application. After that, I created an Application for each DB so the DAM started to learn and build the profile for each DB but, at the same time, the default Application still exist with the old information the question is how can I reset or clear the old learning information for this application? #AccountTakeOver #AdvancedBotProtection ... More

Hi Impervians, Are there any implementations (policies applied to websites) on below security headers on Imperva Onprem WAF? X-Frame-Options Strict-Transport-Security X-Content-Type-Options Content-Security-Policy Referrer-Policy Permissions-Policy Thanks, Leangf #AllImperva ------------------------------ Angfe Landagan Sr. Solutions Engr Philippines ------------------------------ More

Hi I'm looking into the possibility of automating as much of the MX export/import process as possible. We will be using version 14.4.0.16 running on demand instances in AWS. From this version it appears that Imperva have taken a different approach to patching. Instead of patching the MX online from the public ftp site, the new method follows the blue/green approach. A new MX is created, the export from the current MX is imported, and the two are swapped over. The rough steps go as follows. Export ... More

Hello Community, I'm implementing Securesphere WAF on GCP. I want to segregate Data traffic and management traffic on the gateway, and I see GCP only allows one NIC. Can I use Alias IP to achieve this? Any design document you guys can share with me? Thanks, Satya #AccountTakeOver #AdvancedBotProtection #AllImperva #APISecurity #AttackAnalytics #ClientSideProtection #CloudDataSecurity #CloudWAF(formerlyIncapsula) #CloudVector #ContentDeliveryNetwork #DataMasking(formerlyCamouflage) ... More

Hello, A couple of Oracle Services were configured with wrong ports, they were fixed, however the audit and security policy information continues to be tagged with the previous information. How long does it take for the Securesphere to refresh this new configuration? Do I need to update the ports at some other point? Thanks in advance. #DatabaseActivityMonitoring ------------------------------ David Pineda Security Engineer Mexico City ------------------------------ More

Hi Did anyone encounter audit purge scheduling that is not working? Manually audit purging does work perfectly. My DAM disk and utilization status were OPTIMAL. Time (NTP) is correct. The automatic AUDIT purge scheduling was; Occurs: Monthly Day: 7 Of Every Month Somehow, upon checking from Job Status to verify, status has X remark TIA, leangf #DatabaseActivityMonitoring ------------------------------ Angfe Landagan Sr. Solutions Engr Philippines ------------------- ... More

Hi Team What happen if I rewrite the response header like x-frame-options,x-content-type-options or x-xss protection, It is added security still with this change or it ''will be only visual change? #CloudWAF(formerlyIncapsula) ------------------------------ Ivan Velasquez Ingeniero i2ss Bogota ------------------------------ More