• Sophos Firewall: WAF and claimed weak ciphers

    KingChris
    KingChris
    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Strong ciphers Weak ciphers…
    • over 4 years ago
    • Sophos Firewall
    • Recommended Reads
  • Does Web server protection (WAF) support HTTP/2

    rexer
    rexer
    Hi We're hosting a Website behind the "Web server protection" (WAF) on a Sophos XG. Now our contrator is planning to update our website to use http/2. He asked if that is ok and whether the WAF support http/2. I only found information about Sophos…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Protection Policies - "Save" Button not Working

    John Groller
    John Groller
    Hello all. I'm trying to add a new "Protection Policy". When I fill in everything and press "Save"... nothing happens. I think the "Save" button goes from a dark blue to a lighter blue, but nothing saves, no messages, no refreshes, nothing. No feedback…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Webserver Protection Exchange Cluster

    AlexanderPoettinger
    AlexanderPoettinger
    Hello, I'm having some trouble wit the webserver protection for an Exchange 2016 Cluster. We're running a brand new XGS3300 firewall cluster in our datacenter with 10 Gig internet connection. I've configured only IPS rules for the Exchange Webserver…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Getting WAF to pass to the correct sites

    MikeRM275
    MikeRM275
    Good evening. I am trying to set up the UTM ( 9.711-5) to handle the websites from the IIS machine. I currently have WAF working with Exchange. So I have DynDNS entries for the DNS names that I need for the two sites, both point to the IP address on the…
    • over 2 years ago
    • UTM Firewall
    • Web Server Security
  • Sophos XG: Cannot change WAF Certificate

    Patrick Wolfensberger
    Patrick Wolfensberger
    Hi there Last week, my wildcard certificate expired. No biggie. Got a new one, imported it into the firewall, everything ok. When I selected the new certificate in my WAF rules, I was able to save this configuration and expected the firewall to use…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Redirection

    Memorycard
    Memorycard
    Hello everyone, is Sophos WAF okay with redirecting http://wwww:aaa to https://wwww:aaa ? It seems to be okay with default http and https ports, but not working with non-default ports
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos WAF: HTTP Error 500 with external access to SAP Business One

    Saphos
    Saphos
    Hello, I have a problem with Sophos WAF and the external access to specific SAP Business One Services. The access works completly fine with NAT however the company would like to use WAF for providing external access. We get a HTTP ERROR 500 when trying…
    • over 2 years ago
    • UTM Firewall
    • Web Server Security
  • Sophos XG & Exchange 2019 - WAF not working - URL hardening

    Sophos User2126
    Sophos User2126
    Hi, I'am lokking for some help to come over a problem with Exchange 2019 and WAF with static URL hardening. I use this poular documentation here: https://www.frankysweb.de/sophos-xg-18-webserver-protection-und-exchange-2019/ and it did not work as…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Access webserver from LAN / SSL VPN at public ip behind WAF

    derTobi
    derTobi
    Hello all, we are using a XGS 2100 with os19. Simple network. WAN. LAN. DMZ and SSL VPN. Configured a webserver with WAF rule located in the DMZ. So far works fine from external users accessing the webserver on its public ip. The clients in…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Apple Mail and issues with ActiveSync - NC-62805

    Mikkel Andreasen - Modulo
    Mikkel Andreasen - Modulo
    Hi, We are having som issues with sending mails from Apple devices using Apple mail - it seems to be related to NC-62805 https://community.sophos.com/sophos-xg-firewall/f/discussions/127826/sophos-xg-18-0-3-active-sync-email-problem https://community…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • access https

    Mohamed Khandouch
    Mohamed Khandouch
    hi i have two server using https mail server and web server when i want to access from outside to the sever web it load always the mail server, and when i change port to 80 it work but i want to use https for web server. pls any help i have sophos…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF (Reverse Proxy) without Logon for internal Networks

    PeterLeibling
    PeterLeibling
    Hello, i use a reverse Proxy (Basic Auth) to protect a internal Server - so every logon has to login first. But now i want to splitt it - so thats only auth is required for Internet and external Networks (VPN, Wireless and so on). For Internal Networks…
    • over 2 years ago
    • UTM Firewall
    • Web Server Security
  • General WAF understanding

    njabi
    njabi
    Hi guys I have a general and maybe basic WAF / reverse proxy question: I do use some ressources from WAN-side by setting up a "simple" Firewall and DNAT rule to port-forward these ressources. Clients that match the firewall rule have access by calling…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • UTM 9 WAF Firewall, Static URL Hardening Exception question

    Flippy
    Flippy
    Hi there, i've have had quite the journey with WAF on UTM in conjunction of RDG 2012 R2 - 2019. I'm very much in at the end with everything working flawlessly (Android, iPhone, conventional RDP, Remote Apps, and the HTML5 RDS Webpage). Since everything…
    • over 2 years ago
    • UTM Firewall
    • Web Server Security
  • Can't See the WAF Works

    Onur Kaya
    Onur Kaya
    I configured the WAF protection for my apache2 server, but when i use waf tools to test it, it doesn't seem like works and I don't see any logs except from 127.0.0.1, did i missconfigured it?
    • over 2 years ago
    • UTM Firewall
    • General Discussion
  • Web Server Protection (WAF) with certificate based authentication

    rexer
    rexer
    Hello We're trying to use a Webserver behind web server protection (Sophos XG) where clients have to authenticate themself with a certificate. We're able to reach the Website and we can authenticate with username and Password. But, however, our clients…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Website protection

    juan k debb
    juan k debb
    Hi, my website got some serious attacks from different locations. Can I secure my website with Sophos Firewall? My site url is https://www.autoreinigung-noack.de/ . Any help will be appreciated
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF anormaly

    Service Informatique2
    Service Informatique2
    Hello everyone. I have enabled a WAF protection policy on my website. And now I have some WAF anomaly. Problem is I can't find the reason of the anomaly. Here is the log that I have in the log viewer : 2022-06-18 12:00:41Web server protectionmessageid…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Testing Sophos UTM Webserver Protection

    Onur Kaya
    Onur Kaya
    Hey everyone I want to test the Sophos UTM Webserver Protection future, any idea how can i attack theservers behind sophos, also what should be runing on servers? I've 3 server ready to use.
    • over 2 years ago
    • UTM Firewall
    • General Discussion
  • WAF Anomaly Score 15

    xRron
    xRron
    Hi to all, We have configured WAF for WEB Protection Rule but when a operator try to upload news content on web upload the Sophos XG Denies to upload news content to published, see the denied log. /Media/InsertContent/11224 WAF…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Solution: Sophos Firewall WAF E-Mail Stuck because attachement size

    David Lorenz
    David Lorenz
    Hello Community, we had the problem with the WAF of our firewall. We cant sent mail with a attachement size over 1MB. My collegue Denis Neugebauer find a solution in some other forums. Here is the solution (in German -> use DeepL.com): # Vorwort…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG API / Lets Encrypt / PowerShell 7 / WAF Update

    nplm85
    nplm85
    Hopefully this can help others. I'm running the home licensed version and just recently moved to v19 I have a few WAF's that are configured externally this script is to do the following. Renew Multiple certificates that are already configured…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Exchange / WAF - OWA, ActiveSync 1MB File Limit - SFOS 19 GA

    FFin
    FFin
    I'm getting following error in WAF-log: ModSecurity: Request body no files data length is larger than the configured limit (1048576) Is there a new switch in gui or command line to increase 1 MB limit in V19? There were forum posts some years and…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF issue

    lauwiks Cutman
    lauwiks Cutman
    Hello everyone , I have a problem with my WAF rules. It no longer works, the problem happened all of a sudden without me changing anything on my configuration. Only forward port rules work correctly. I have already rebooted my router. I even deleted…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
<>