Browse By Tags

Hello! I'm trying to setup a Web Server Protection Rule for my home automation system. I have a lot of other WAF rules which work perfectly. I'm only having trouble with this one rule, where I get the following error: I just can't get this rule…

Hi there, we have an internal URL (like server1/.../access.php This link is designed to be accessed directly from the Internet and we would like to make it available to the public. But as this link is quite complicated and as it might reveal details…

The WAF custom authentication form in the documentation is not that clear and required several rounds of testing to fix. Below I've added code that is easier to modify and quickly get up to speed without 30 minutes of troubleshooting and testing. I…

Hello, I have a Peplink WAN gateway and a Sophos in the centre for routing from the core switch to the WAN.I have a problem: I cannot perform a waf for my webserver, which is hosted by peplink and the server are located at dmz, and my website is already…

Hallo zusammen, ich betreibe eine XGS 116W und würde gern einen zweiten Webserver hinter der Firewall erreichen können. Aktuell läuft schon einer tadellos. Aaaaaber ......... Sobald ich einen zweiten hinterlege (Richtlinie, Nat, Host usw…

Hello, I have trouble configuring WAF rule for one specific web server/service When I try to access service from inside on my pc I get 403 [Sun Jan 07 19:40:08.983664 2024] [authz_core:error] [pid 22769:tid 140041007253248] [client 10.2.1.10:52039…

Hi, i read a lot of posts about this Problem, but cant get it running. Made the WAF settings strictly by Sophos KB article, owa, outlook anywhere etc are running properly, but active sync isnt working. Log saus WAF Anomaly Inbound…

Hallo zusammen, ich habe folgendes Problem. Ich habe eine UTM auf eine XGS umgezogen. Nun gehen folgende Verbindungen nicht mehr. Wir haben ein Firewall die hält das Server und das DMZ Netz zwischen dieser Firewall und der XGS besteht ein Transfernetz…

I've been reading some discussions about WAF support for HTTP/2 before. Is it available in the new SFOS v20? Or is it planned for some next MR?

SFOS 19.5MR3 I'm getting multiple WAF-Logentrys with exact same URL (upper-/lowercase) - one request passes correctly the other one fails due to "Static URL Hardening - No Signature found". As it's same exact same URL it's probably not a configuration…

We have updated our XGS3300 to SFOS 20.0 a few days ago. Since then our WAF ist not working. AH00526: Syntax error on line 106 of /cfs/waf/reverseproxy.conf: Invalid encrypted key AH00112: Warning: DocumentRoot [/sdisk/waffiles/1cf6480d9dcdd33a4319301e0d8ef22b…

Hello, We use the Web Server Protection of Sophos XG Firewall and have now reached almost 60 WAF rules. This is also the maximum number of WAF rules. Is it possible to combine several URLs in one WAF rule and route them to different servers? WAF rule…

Hallo zusammen, ich habe ein Problem mit der WAF, nach dem Update von 9.7.12-13 auf 9.7.17. Die WAF bringt in der GUI den Fehler "in error". Anbei das Log: 2023:11:02-10:19:05 remote-1 httpd[9443]: [proxy_http:error] [pid 9443:tid 3791485760…

Is it possible to decrypt HTTPs on the firewall and send plain HTTP to the webserver (without encrypting it again)? Thanks!

Hi all, When AV or other protection features are enabled, we keep running into various problems while uploading large files. Sometimes the disk space (Temp=100%) seems to be the cause, sometimes other internal buffers. We have the requirement to allow…

Hi, I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions. e.g. / - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…

XGS Firewall, WAF rules has 10 listed domains. What is the sort order based on for these domains? Whenever we delete one from say position 5, add a few new ones, then add the number 5 one again (we have saved and reopened the rule multiple times)…

I found some old posts (>2y ago) about the XG WAF module not supporting MFA authentication for a webservice. Has this changed since? We want to use MFA before using on-prem Exchange OWA. Many internal users already have an Sophos MFA token and it…

Situation. We have a WAF rule with several test sites in the domains list. Example below. test1.testurl.com test2.testurl.com test3.testurl.com test4.testurl.com These all point to one IIS. On the IIS these are all separate sites. When we…

Hallo Community, Ich prüfe aktuelle das Setting mit einer XGS ( SFOS 19.5.3 MR-3-Build652) und dem Windows 2022 RDS. Die Rollen RDS Web und Gateway laufen auf einem dedizierten Server, der RDS Session Host und RDS Lizenz Server sind ebenfalls ein jeweils…

Hi. I am facing an issue with the Web Application Firewall. I have several WAF rules configured, some using SSL and other are not. They point to a central web server. The domain name is used to differentiate each web app and that is forwarded on to…

We’ve recently upgraded one of our server apps and it has a minimum TLS version of 1.3. WAF doesn’t seem to let things through on it, and the ‘Real Server’ has an exclamation mark next to it: Makes no sense why the top one has a green tick but the bottom…

Hi all, SFOS 19.5 Just got a problem with WAF and RDG 2019, i can't log to my server and i have this error: /rpc/rpcproxy.dll WAF Anomaly Inbound Anomaly Score Exceeded (Total Score: 13) Hope i will find…

Moin, ich muss mich zum ersten Mal mit der Webserver Protection auseinandersetzen. Dabei habe ich das Problem, dass ich beim Anlegen einer neuer Firewall Regel, das Zertifikat nicht auswählen kann. Was habe ich bisher gemacht? 1. Das Zertifikat…

After upgrade - all WAF with authentication form with template shows 404. Opening and saving Protection Policy - does not solve the issue. Recreation of Authentication Policy - does not solve the issue. Reimporting form template - does not solve…