We have two WAF deployments protected by two different XG firewalls. Both are protecting web servers identically. Both web servers are IIS. When I query shodan.com for both IPs, it shows the following:
www server 1
Apache httpdHTTP/1.1 403 Forbiddenwww server 2 Microsoft IIS httpd8.5HTTP/1.1 200 OKI would like the results to always be what is reported for server 1. Is this information discoverable because of the architectures of thewebsite. Or is there something additional I need to change at the WAF?
Thank you for reaching out to the Communtiy!
Is there any DNAT rule configured on your firewall for the same server? Are you running this test from the external network?