Hello everyone.
I have enabled a WAF protection policy on my website.
And now I have some WAF anomaly.
Problem is I can't find the reason of the anomaly.
Here is the log that I have in the log viewer :
2022-06-18 12:00:41Web server protectionmessageid…
Hey everyone I want to test the Sophos UTM Webserver Protection future, any idea how can i attack theservers behind sophos, also what should be runing on servers? I've 3 server ready to use.
Hi to all,
We have configured WAF for WEB Protection Rule but when a operator try to upload news content on web upload the Sophos XG Denies to upload news content to published, see the denied log.
/Media/InsertContent/11224
WAF…
Hello Community,
we had the problem with the WAF of our firewall. We cant sent mail with a attachement size over 1MB.
My collegue Denis Neugebauer find a solution in some other forums.
Here is the solution (in German -> use DeepL.com):
# Vorwort…
I'm getting following error in WAF-log:
ModSecurity: Request body no files data length is larger than the configured limit (1048576)
Is there a new switch in gui or command line to increase 1 MB limit in V19? There were forum posts some years and…
Hello everyone ,
I have a problem with my WAF rules. It no longer works, the problem happened all of a sudden without me changing anything on my configuration. Only forward port rules work correctly. I have already rebooted my router. I even deleted…
Discovered a scenario that I can't get working in Azure, which seems like a limitation on the XG. We setup a policy-based VPN to one of our customers which needs to access one of our web-apps. The customer requires that RFC-1918 is not used in VPN traffic…
I am trying to get my ActiveSync setup to work across my Sophos XG 18.5.3 MR-3 install.
I follow the recipe found at https://support.sophos.com/support/s/article/KB-000040209?language=en_US
When I try to save the firewall rule mentioned towards the…
We have a web server that sends websocket requests when being accessed. We are able to make it work through HTTP traffic, but when we got an SSL certificate to make it HTTPS, the websocket requests fails.
I have tried using Path-Specific Routing to…
Hello guys.
I am using waf and I noticed that when Rewrite HTML is checked javascript is not loading.
For example I have a phpsysinfo script running. When I access it, while it is supposed to use bootstrap to display the page, it redirects me to the…
Dear Sophos,
I am operating a matrix.org synapse backend, and for federation to work properly it is important that the apache virtual host is configured with the "nocanon" option. My assumption: Normally, mod_proxy will canonicalise ProxyPassed URLs…
Hello,
I am trying to set up kind of a "blue-green" deployment environment for our website. We already have a working web server and a firewall (WAF) rule pointing to this web server. I've added a second "web server" and I now see it in the list under…
I have two public IP addresses behind a sophos XG, I need to publish two web servers in the DMZ zone.
I created the publishing rules for both servers. only access to web server 1 is allowed from IP1 address. access to web server 2 from IP2 address is…
Hello eveyrone,
I have created a WAF rule on all my Website, which is in "moitor" mode :
I went to reverseproxy.log to see if I had errors, warning... and I have many many logs like :
[cookie:error]
[form_hardening:error]
[security2:error…
Hello,
I would like to do this :
Allow all internet v4 IP on www.mywebsite.fr
Allow specify IP on www.mywebsite.fr/admin
Is it possible with Sophos XG 18 ?
Thank you very much.
It seems that it is impossible to create WAF rules for web servers with https so that the web server would use its own certificate instead of cert from the firewall. Is it really so and is there any trick going around this problem?
We have a new SSL certificate installed in Sophos for a website we are hosting. When I configure the web server with an HTTP encryption, there is no issue. But when I change it to HTTPS encryption, these are the issues we are having:
From internal network…
We have an MS DevOps server running and exposed via UTM (no firewall, "pass host header" enabled). For almost everything this works absolutely fine - people are able to access the DevOps site, log in normally, commit code via GIT, etc.
However, certain…
Hello! We are using sophos Web Server Protection to proxy our websites, One of our editors is suffering from this error:
Sometimes get this message after 2 mins of usage, sometimes 15-30 mins, after this tried to flush all caches (10x times a day!)…
We have XGS3100 and in one web application, the following error is displayed in the browser when passing credentials:
Bad Request
Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit…
I have a fresh install of Sophos XG Firewall Home (SFOS 18.5.2 MR-2-Build380)
Everything is working except I can not get the WAF to recognize that I have created as web server.
I created a host in Host and Services
! created a web Server in Web…
Hi, I have one problem with my webserver.
It´s an VM, with only a public IP, so no internal private IP, that it can be translated to.
I set up firewall XG from ground, since I was expecting problems with one VLAN, that wasn´t accessable anymore, even…
Hello,
Does the Sophos XG/XGS WAF (18.5) really work with recent Exchange and RD Gateway (2016/2019/2022) ?
I have searched in community, in manuals, all over the internet, but I didn't find any "clear" answer, article or procedure with a WAF configuration…
hi, i am configuring WAF , so that server which is behind the firewall woudl be access over interner securely. i configured WAF, getting following error
Proxy Error The proxy server could not handle the request.
Reason: Error during SSL handshake…
Hi all,
I have the exact problem as described by this member below. Basically, I have the radius and duo authentication proxy working fine for the user portal and SSL VPN but it won't work with WAF. The WAF authentication form seems to send multiple…
