Hello We're trying to use a Webserver behind web server protection (Sophos XG) where clients have to authenticate themself with a certificate. We're able to reach the Website and we can authenticate with username and Password. But, however, our clients…

Hi, my website got some serious attacks from different locations. Can I secure my website with Sophos Firewall? My site url is https://www.autoreinigung-noack.de/ . Any help will be appreciated

Hello everyone. I have enabled a WAF protection policy on my website. And now I have some WAF anomaly. Problem is I can't find the reason of the anomaly. Here is the log that I have in the log viewer : 2022-06-18 12:00:41Web server protectionmessageid…

Hi to all, We have configured WAF for WEB Protection Rule but when a operator try to upload news content on web upload the Sophos XG Denies to upload news content to published, see the denied log. /Media/InsertContent/11224 WAF…

Hello Community, we had the problem with the WAF of our firewall. We cant sent mail with a attachement size over 1MB. My collegue Denis Neugebauer find a solution in some other forums. Here is the solution (in German -> use DeepL.com): # Vorwort…

Hopefully this can help others. I'm running the home licensed version and just recently moved to v19 I have a few WAF's that are configured externally this script is to do the following. Renew Multiple certificates that are already configured…

I'm getting following error in WAF-log: ModSecurity: Request body no files data length is larger than the configured limit (1048576) Is there a new switch in gui or command line to increase 1 MB limit in V19? There were forum posts some years and…

Hello everyone , I have a problem with my WAF rules. It no longer works, the problem happened all of a sudden without me changing anything on my configuration. Only forward port rules work correctly. I have already rebooted my router. I even deleted…

I am trying to get my ActiveSync setup to work across my Sophos XG 18.5.3 MR-3 install. I follow the recipe found at https://support.sophos.com/support/s/article/KB-000040209?language=en_US When I try to save the firewall rule mentioned towards the…

Hello guys. I am using waf and I noticed that when Rewrite HTML is checked javascript is not loading. For example I have a phpsysinfo script running. When I access it, while it is supposed to use bootstrap to display the page, it redirects me to the…

Discovered a scenario that I can't get working in Azure, which seems like a limitation on the XG. We setup a policy-based VPN to one of our customers which needs to access one of our web-apps. The customer requires that RFC-1918 is not used in VPN traffic…

We have a web server that sends websocket requests when being accessed. We are able to make it work through HTTP traffic, but when we got an SSL certificate to make it HTTPS, the websocket requests fails. I have tried using Path-Specific Routing to…

We have a Sophos 18.5 firewall. Behind this we have two identical servers (WEB01 & WEB05) running a website. In the WAF rule, I can toggle between the two servers in the "Protected Servers" Web server list just fine and the website continues to work.…

Dear Sophos, I am operating a matrix.org synapse backend, and for federation to work properly it is important that the apache virtual host is configured with the "nocanon" option. My assumption: Normally, mod_proxy will canonicalise ProxyPassed URLs…

I have two public IP addresses behind a sophos XG, I need to publish two web servers in the DMZ zone. I created the publishing rules for both servers. only access to web server 1 is allowed from IP1 address. access to web server 2 from IP2 address is…

Hello eveyrone, I have created a WAF rule on all my Website, which is in "moitor" mode : I went to reverseproxy.log to see if I had errors, warning... and I have many many logs like : [cookie:error] [form_hardening:error] [security2:error…

Hello, I would like to do this : Allow all internet v4 IP on www.mywebsite.fr Allow specify IP on www.mywebsite.fr/admin Is it possible with Sophos XG 18 ? Thank you very much.

Hello, I am trying to set up kind of a "blue-green" deployment environment for our website. We already have a working web server and a firewall (WAF) rule pointing to this web server. I've added a second "web server" and I now see it in the list under…

It seems that it is impossible to create WAF rules for web servers with https so that the web server would use its own certificate instead of cert from the firewall. Is it really so and is there any trick going around this problem?

We have a new SSL certificate installed in Sophos for a website we are hosting. When I configure the web server with an HTTP encryption, there is no issue. But when I change it to HTTPS encryption, these are the issues we are having: From internal network…

We have a Sophos 18.5.1 firewall. Can it prevent brute force attempts such as the one below? If so please explain how to go about setting it up -- elaboration goes a long way! These brute force attempts are causing our site to show 503 Service Unavailable…

Hello! We are using sophos Web Server Protection to proxy our websites, One of our editors is suffering from this error: Sometimes get this message after 2 mins of usage, sometimes 15-30 mins, after this tried to flush all caches (10x times a day!)…

We have XGS3100 and in one web application, the following error is displayed in the browser when passing credentials: Bad Request Your browser sent a request that this server could not understand. Size of a request header field exceeds server limit…

Hi, I have one problem with my webserver. It´s an VM, with only a public IP, so no internal private IP, that it can be translated to. I set up firewall XG from ground, since I was expecting problems with one VLAN, that wasn´t accessable anymore, even…

I have a fresh install of Sophos XG Firewall Home (SFOS 18.5.2 MR-2-Build380) Everything is working except I can not get the WAF to recognize that I have created as web server. I created a host in Host and Services ! created a web Server in Web…