• Web Server Protection XGS

    Muhammad Fahmi Zainuddin
    Muhammad Fahmi Zainuddin
    Dear All I currently setup new lab to test Web Server Protection at XGS firewall. My setup: 1. Web Server using Xampp (LAN Zone) - IP: 192.168.100.2 2. Virtual Firewall XGS. (LAN Interface IP: 192.168.100.254) ( WAN Interface IP: 192.168.43…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Fail2ban hinter XGS WAF

    Stefan Weber
    Stefan Weber
    Hallo zusammen, wir wollen unsere Webserver mit Fail2ban umstellen, sodass diese über WAF erreichbar sind. Da dann im Log des Webservers die Interne IP der Firewall auftaucht, wird leider diese von Fail2ban gebannt. Man kann zwar die IP X-Forwarded…
    • over 1 year ago
    • Sophos Firewall
    • German Forum
  • WAF UTM Modsecurity violation

    Glad_Excercise_07
    Glad_Excercise_07
    Hi, We are experiencing an issue with our website behind WAF on Sophos UTM. I have been toying around with getting our site to work via Web Protection for users outside the internal network. This log entry indicates that ModSecurity, a web application…
    • over 1 year ago
    • UTM Firewall
    • General Discussion
  • Sophos UTM Web Exception

    Glad_Excercise_07
    Glad_Excercise_07
    Hi Community, I would like to confirm whether creating an exception in the Firewall Profiles section of Webserver Protection and adding a bypass rule for the path "/Test/Images/static/roboto/" would exempt only the exact matching path or anything…
    • over 1 year ago
    • UTM Firewall
    • General Discussion
  • Emby/ Plex behind WAF HTTPS slower performance?

    jang430
    jang430
    I am trying to host Emby server behind WAF with HTTPS configured. I am able to access the server successfully, but when it comes to playback, it doesn't want to start playing. It will seem like it's buffering, with an image of loading, but never starts…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • RDWeb per WAF

    EinMarco_DE
    EinMarco_DE
    Hey there, I´m trying to publish a RD Web Gateway with a Sophos XG and WAF. Configured anything like described here . Login and the RD Web Overview works, but not the Conenction to the RDS. For testing I habe disabled the entire protection section…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Cloudflared WAF & port showing open

    Panagiotis Vakerlis
    Panagiotis Vakerlis
    Hello everyone, Me and also a friend have the same issue with a waf rule. We both have a cloudflare proxied domain name (lets say system.somedns.com) that points to our wan IP. Since it's cloudflare proxied, the ip of the domain name points to cloudflare…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos E-Mail on XG with SFOS 19.5.1 MR1 blocking attachments bigger than 1MB

    Stefano Tortiello
    Stefano Tortiello
    Hi community, we've experienced again the problem that sending e-mails with attachements bigger than 1MB are blocked by WAF. We had this problem about two years ago and already set the limits via advanced shell. We did the same thing as described in…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG Reverse Proxy fails

    Patric Beuthen
    Patric Beuthen
    Hello experts I am struggling to get a Docker container of vaultwarden up and running in my internal network. Since vaultwarden has limited support for HTTPS, I tried to use XG as reverse proxy, but I cannot connect. I assume, it is irrelevant for the…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IP group and WAF exception

    Krystian Kamiński
    Krystian Kamiński
    Hello Is it possible to use a group of IP addresses in a WAF rule exception? Adding many IP hosts one by one is very cumbersome.
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF - activated Common threat filter kills uploads after 30sec/120MB

    dirkkotte
    dirkkotte
    Hi all, I'm having trouble uploading various .iso files (>2.5GB) while "Common Threat Filter" is enabled in WAF. - no error within reverseproxy.log - no problems with a 860MB .tgz file. - different browsers or client devices Some ideas where…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How to share port TCP 443 for WAF and SSL VPN?

    JohnnyInc
    JohnnyInc
    Hi everyone, I see a lot comments at this forum where I can see, that sharing Port 443 TCP for WAF and SSL VPN is working. The documentation says, that it is not possible: https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Second Webserver

    NRdroque
    NRdroque
    i have a iis webserver that are publish to the web at the port 80. it reponding to url1.mydomain.com created a webser in XG230 and the nat rules for it. Now i have the need to add a second webserver but this one wil respond to url2.mydomain.com…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Is it possible to disable wordpress wp-adin access through WAF?

    GernotMeyer
    GernotMeyer
    Hi all, I am publishing wordpress server with XG. Is there any experience to disable the /wp-admin subpage to internet. It will be enough for us to access that page internally. Thanks for hints Gernot
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall - WAF EoL?

    Daniels_UTM
    Daniels_UTM
    I have noticed, that recently the WAF & E-Mail Features are disappeared in the Firewall Sizing Calculator. So my customer thought to buy a Sophos Firewall, but we are not sure, if the WAF is near EoL, like the E-Mail Module where Sophos forces you…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF authentication fails

    Peter-Paul Gras
    Peter-Paul Gras
    I have to create a user with username equal to mailadrres ( name@domin.com ) Purpose is to use this user to authenticate with a login form with passthrough in a WAF rule. When i try to authenticate nothing happens, when i authenticate with a username…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG310 Changing rules for Exchange OWA access

    Walter Salvatore
    Walter Salvatore
    We have an XG310. We are currently migrating our Exchange server from 2013 to 2019. I am trying to figure out how to change our firewall rule for OWA to point to the new server. I go under "Rules and policies", IPv4 and we have a rule created for OWA…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG: Problems with WAF and Exchange 2019

    David Lorenz
    David Lorenz
    Hello Community, my name is David Lorenz and i have a problem with the WAF from our customer. They use Exchange 2019 on prem. and users from a branch office in egypt have connectionproblems. I already have set some exclusions in the rules because…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos WAF Security Request body (Content-Length) is larger than the configured limit

    Ale_V2
    Ale_V2
    Hello everyone I have a Synology NAS behind a Sophos firewall (WAF). On this server is Synology Drive which provides a Cloud Infrastructure. Sadly I cannot upload anything over 1 GB which is problematic. Internally without the WAF it works. The issue…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Is it possible to protect a webserver on Godaddy vps with Sophos Firewall?

    Cathrine Gweja
    Cathrine Gweja
    I am new to Sophos firewall, I just deployed a virtual Sophos XG firewall in an Azure virtual machine. Now I want to protect my webserver which is hosted on GoDaddy with the firewall's web server protection, Is it possible and if it is how do i go about…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Put Emby container on WAF

    jang430
    jang430
    Hello. I want to open Emby for external access. I want to put this on WAF. Emby is run on docker container. I want to be able to access it via https://stream.test.com , can this be done? To be able to use https, will generating a cert for stream.test…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF reverse proxy with not working

    Tom-
    Tom-
    Hello, once enebaled the following option reverse proxy does not work anymore. Cookie signing URLHardening tailf /log/reverseproxy.log [Mon Feb 06 22:15:41.552601 2023] [core:warn] [pid 13179:tid 140605555216064] AH00111: Config variable ${URLHardening_HTTP_Hostname…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF: Warning: DocumentRoot [/sdisk/waffiles/########] does not exist

    Gatt
    Gatt
    Sophos FW v19.0.1 (Build 365) - With a Home LIcence Since upgrading to this version, I have had to WAF functionality, and there are no errors being shown in WebAdmin Going into the shell and looking at /logreverseproxy.log I can see the following: …
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos WAF

    Joel Muodzi
    Joel Muodzi
    Good day everyone, I am having challenges enabling WAF. The website is using http and on normal dnat its accessible. The moment I create a WAF with HTTPS and disable dnat rules, i get a 403 forbidden error. May you kindly assist. Regards, …
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall WAF Policy Crashing System

    John Groller
    John Groller
    Hello Sophos Community Using the latest firmware as of today (SFOS 19.5.0 GA-Build197) on Sophos Firewall, installed as a virtual appliance in Proxmox 7.3-4. It's a home license, on 4 virtual CPUs (host), and 6GB memory. I'm using the official qcow2…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
<>