• In WAF forwarding rules, IP addresses set as exceptions are blocked.

    bonnie
    bonnie
    We are running a WAF on a virtual appliance with SFOS 18.0 installed. In the firewall rules created for WAF forwarding, two Exceptions are set. In the first exception, two Advanced items are checked for "Any IPv4". In the second exception, all security…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sharing port 443 between WAF and User Portal not working

    Dreamcatcher
    Dreamcatcher
    Hello, since version 18.0 MR5 it should be possible to share port 443 between User Portal, SSL VPN and WAF. I have configured WAF rules for Exchange Server (TCP 443), which is working fine. SSL VPN is configured to use UDP 443, which is working as well…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Emby/ Plex (container) server on WAF HTTPS

    jang430
    jang430
    Hi. I recently decided to put my Emby server behind Sophos WAF, rather than opening port directly that points to the Emby server docker container. I believe this is safer? I was able to set up http. How do I set up https for this? I noticed playback…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG WAF - Problem with attachment size greater 1 MB

    Vojtech Borkovec
    Vojtech Borkovec
    I have WAF on two web servers. One Exchange and one private cloud site. When I turn on any Common threat filter, it cannot be upload attachments larger than 1 MB.
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Allowing/Denying specific URL's

    Stuart Hamilton1
    Stuart Hamilton1
    Hi, Running an XG310. I have a web server running behind this device and also have a WAF rule for protection. I want to specify which URL's are accessable to the outside world. For example, if I was running www..123.com behind WAF. www.123.com/everyone…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF Anomalies

    Regex
    Regex
    Hello Community. Im hosting some assets on Synology box. one of it is Synology Drive. Its accessible from WAN - mainly it works as "One Drive". I have been create a discussion asking for help https://community.sophos.com/sophos-xg-firewall/f/discussions…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF Inspection

    Regex
    Regex
    Hello Community. Is there any information that Sophos XG appliance is inspecting traffic between Sophos ----> Server ? Simple scenerio: [WAN INTERNET] --------> (SophosXG_WAF Rule) -------> "Synology Server with a few services on non standard ports…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Publish some web applications using the same public IP.

    IvanildoGalvão
    IvanildoGalvão
    Hello friends. I only have one public IP on my Sophos XGS, but I want to publish three web applications (web1.dominio.com, web2.dominio.com, web3.dominio.com), all arriving on the same public IP and on the https port. I know that via NAT, this would…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF "Inbound Anomaly Score Exceeded (Total Score: 5)" without a ID in reverseproxy.log

    StefanS
    StefanS
    Hi there, We have a support portal protected with the WAF (v18.5.1), however, we get this error message. "Inbound Anomaly Score Exceeded (Total Score: 5)" However, we do not find any ID in "reverseproxy.log" to make an exclusion. What can be done…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Preserve or retain client IP through WAF

    djb-sophos
    djb-sophos
    Hello, I've done some searching on here and many posts I find are 5-10 years old and/or the original poster never came back to confirm whatever was suggested fixed their issue or not. And, for reasons beyond me, these threads are locked so you cannot…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Webserver Protection log for Protocol Enforcement

    AlexanderPoettinger
    AlexanderPoettinger
    I have a website behind a webserver protection a virtual XG 18.5.1-326 One page on the website creates an error that leads to a blocking of the next page. The only way to unblock it is by creating an exception for the relevant path for the "Protocol…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • HTTPS WAF redirect loop

    Omar Murad
    Omar Murad
    Set up: Client <---> Sophos HTTPS WAF (Ports 80 & 443) <---> HTTP Wordpress Server (Port 80) The reverse proxy seems to keep redirecting me to HTTPS on port 443 despite the request being for HTTPS on port 443. ~$ wget http://blog.mysite.com/ -O /dev…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Web application Firewall - WAF policies limitation to 60 rules?

    G9500
    G9500
    Hi, I'm using a virtual appliance of Sophos XG 18.5.1 (2c4g) I configured 60 WAF policies, but now I'm blocked by a limitation. Error message: 60 WAF policies are already enables. This policy will be created but it will not be enabled. Are you sure…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF IPS not working with HTTPS requests, only HTTP.

    Omar Murad
    Omar Murad
    I have gone through the steps to set up WAF according to the documentation, but I cant seem to get the WAF IPS to work with HTTPS requests. It works perfectly fine with HTTP requests. Here is my configuration The certificate is valid for both…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG v18 Disable WAF HTTP trace & track

    Dan Williams
    Dan Williams
    Hi One of our customers has been advised to disable HTTP trace/track as it is identified in a vulnerability scan. They have asked the question "what is the impact on the firewall operations?" if the change is made. This is not something I have come…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF Slow https Access to internal DevOps Server 2020

    juergenb52
    juergenb52
    Hi, i used to have pubished TFS 2015 with different XG Releases (17.0,17.5,18.0 and 18.5). Users connected to the Webinterface of TFS through a Public URL and XG had a simple rule with Form bases authenticationa against the TFS 2015. Last week i changed…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<