Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  CSRF Protection

    Posted 12-20-2022 03:39

    Can any one suggest how to configure Custom CSRF other than the one which is defined by the Imperva Default policy ?



    Biswadeep 
    Manager
    CyberSecurity 
    UCO BANK
    Kolkata ,India 


    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Biswadeep Pradhan
    Manager
    CyberSecurity
    UCOBANK
    Kolkata India
    ------------------------------


  • 2.  RE: CSRF Protection

    Posted 12-22-2022 21:47
    Hello Biswadeep,

    Thank you for the post, if you want to create custom an custom rejex patter to protect from CSRF attack, sure you can create it manually, if you have pattern(rejex)which you want to block on the waf other than the default one, sharing couple of docs link for CSRF protection,
    https://docs.imperva.com/howto/4affd738
    https://docs.imperva.com/howto/65e47d1a


    ------------------------------
    Syed Noor Fazal
    Product Support Engineer
    ------------------------------

    Original Message


  • 3.  RE: CSRF Protection

    Posted 12-23-2022 00:07
    HI Sayeed 

    Thanks for the response 

    The article you have shared similar to Imperva Default policy . I just wonder is there any base line above which a custom CSRF request can be generated or the article which you have shared is can be referred as a standard to implement the Custom CSRF ?

    सादर / Regards
    Biswadeep Pradhan
    CISO Office
    प्रधान कार्यालय / Head Office
    यूको बैंक  / UCO Bank,
    कोलकाता / Kolkata–700001
    033-4455-7825




    Original Message


  • 4.  RE: CSRF Protection

    Posted 12-24-2022 12:05
    Hello Biswadeep,

    Yes you are correct those are default one, however you can create custom policy in a similar way as per the requirement.

    ------------------------------
    Syed Noor Fazal
    Product Support Engineer
    ------------------------------

    Original Message