Imperva Cyber Community

We are currently working with a client who is on the PRO tier of Cloudflare and are planning to migrate their setup to Imperva CWAF.

The current configuration includes multiple subdomains proxied through Cloudflare, each mapped to different origin servers and behaviors:

classic.abc.com – Returns HTTPS 307 redirect to abc.com (Origin Server A)

buy.abc.com – Returns HTTPS 200 OK (Origin Server B)

staging.abc.com – Returns 301 redirect (Origin Server C)

abc.com – Returns HTTPS 200 OK (Origin Server D)

www.abc.com – Returns HTTPS 200 OK (Origin Server D)

From the Imperva onboarding perspective, it seems feasible to cover abc.com, www.abc.com, and classic.abc.com under a single site since they either share the same origin or redirect to the primary domain.

However, buy.abc.com and staging.abc.com point to different origin servers and serve different purposes.

Is it possible to onboard all of these hostnames under a single Imperva site with multiple origin mappings, or would it be recommended to create separate sites for buy and staging?

Hi Asimit,

In your domain list above, classic.abc.com points to Origin Server A, but abc.com and www.abc.com point to Origin Server D. 

To take advantage of Imperva CNAME reuse (https://docs-cybersec.thalesgroup.com/bundle/cloud-application-security/page/more/cname-reuse.htm) the sites must point to the same Origin.

It is recommended to create separate sites for buy and staging.

Thanks.

We are currently working with a client who is on the PRO tier of Cloudflare and are planning to migrate their setup to Imperva CWAF.

The current configuration includes multiple subdomains proxied through Cloudflare, each mapped to different origin servers and behaviors:

classic.abc.com – Returns HTTPS 307 redirect to abc.com (Origin Server A)

buy.abc.com – Returns HTTPS 200 OK (Origin Server B)

staging.abc.com – Returns 301 redirect (Origin Server C)

abc.com – Returns HTTPS 200 OK (Origin Server D)

www.abc.com – Returns HTTPS 200 OK (Origin Server D)

From the Imperva onboarding perspective, it seems feasible to cover abc.com, www.abc.com, and classic.abc.com under a single site since they either share the same origin or redirect to the primary domain.

However, buy.abc.com and staging.abc.com point to different origin servers and serve different purposes.

Is it possible to onboard all of these hostnames under a single Imperva site with multiple origin mappings, or would it be recommended to create separate sites for buy and staging?