Imperva Cyber Community

Hi Team, 

I have some websites added on Imperva. All the websites are under the same server group. We are in non-transparent reverse proxy mode.

For example: 

domain1.com

domain2.com

domain3.com

...

Gateway ports: 443, 80

They have different SSL Certificates and after I added them in the path: 

SETUP > Sites > Reverse Proxy

Note* I cover because of the privacy of the client.

When I check domain2.com, domain3.com from outside they redirect me to domain1.com. After redirection, if you click on the privacy icon (https://domain2.com), all the websites (domain2.com, domain3.com) have the same certificate of domain1.com.

I try to explain it in my best way and hope someone can understand the problem I have. Can someone have this kind of issue before that can help me?

Many Thanks,

#On-PremisesWAF(formerlySecuresphere)

------------------------------
Olgerta Prendi
Cyber Security Specialist
S&T AG
Tirana
------------------------------

Hi,

The current  configuration is mapping 1 external IP to multiple internal servers and is looking for any hostname and accessing the hostname based on priority. Since you have the hostname set to any, all IP will match the fist domain in order of priority.

Question: Are all these domains on a shared single IP or multiple IP?

Single IP:

You need to tell the WAF which hostname goes where. Remove the checkmark for hostname any and enter the hostname you want going to the relevant backend server.

This is often a scenario in a multi tenant installation where a shared external SSL certificate is used for multiple domains. 

Multiple IP:

You will have to create multiple external rules for each domain. And each internal rule will only have 1 rule.

Some helpful KBs:

1. https://docs.imperva.com/bundle/v14.4-web-application-firewall-user-guide/page/3092.htm
2. https://community.imperva.com/blogs/ira-miga1/2020/12/07/how-to-configure-imperva-waf-reverse-proxy-mode

------------------------------
Sarvesh Lad
Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
------------------------------

Hi Sarvesh,

I solved the issue. The problem was on the miconfigurations when I populated it.

Thanks,

------------------------------
Olgerta Prendi
Cyber Security Specialist
S&T AG
Tirana
------------------------------

Original Message:
Sent: 03-09-2023 10:19
From: Sarvesh Lad
Subject: SSL Certificate - SSL Keys

Hi,

The current  configuration is mapping 1 external IP to multiple internal servers and is looking for any hostname and accessing the hostname based on priority. Since you have the hostname set to any, all IP will match the fist domain in order of priority.

Question: Are all these domains on a shared single IP or multiple IP?

Single IP:

You need to tell the WAF which hostname goes where. Remove the checkmark for hostname any and enter the hostname you want going to the relevant backend server.

This is often a scenario in a multi tenant installation where a shared external SSL certificate is used for multiple domains. 

Multiple IP:

You will have to create multiple external rules for each domain. And each internal rule will only have 1 rule.

Some helpful KBs:

1. https://docs.imperva.com/bundle/v14.4-web-application-firewall-user-guide/page/3092.htm
2. https://community.imperva.com/blogs/ira-miga1/2020/12/07/how-to-configure-imperva-waf-reverse-proxy-mode

------------------------------
Sarvesh Lad
Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
------------------------------