• XG v18 Disable WAF HTTP trace & track

    Dan Williams
    Dan Williams
    Hi One of our customers has been advised to disable HTTP trace/track as it is identified in a vulnerability scan. They have asked the question "what is the impact on the firewall operations?" if the change is made. This is not something I have come…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Exchange 2019 and WAF configuration - how to get ActiveSync working ?

    RanX
    RanX
    Dear Sophos support team, there have been several requests about this topic, but digging through them didn't provide a proper solution. In the past Sophos provided a guideline for the UTM how to publish an Exchange server with WAF. I did not find an equivalent…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Protect server against brute force attacks

    PaLmd
    PaLmd
    Is there a service in Sophos XG that automatically blocks the ip of the client that is trying to brute force access a web server? That is, if there is, what can be an effective way to prevent brute force attacks on, for example, an apache server that…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Allow "X-Forwarded-Proto $scheme" for Apache Tomcat Web Server

    Stefan Höhnemann
    Stefan Höhnemann
    Hi together, i using the Sophos XG Firewall on Azure and where i can allow the Header "X-Forwarded-Proto $scheme"? I created a Web Server Policy with "Pass Host Header", but the error still there. Thanks for your support in advance. Best…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL Cert uploaded to the XG not showing as trusted

    Stuart Hamilton1
    Stuart Hamilton1
    Hi All, I am clearly missing something here, but Google is not my friend on this one as I cannot find out what. I am trying to install an SSL cert to use in WAF and Mail. I created the CSR Downloaded the request Requested the SSL from GoDaddy…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Web server protection with dual wan

    Svigelj Levi
    Svigelj Levi
    Hello! I have multiple internet connections to my sophos xg home box. Can i have redundant webserver protection? Im just allowed to select only one "Hosted address", maybe if i duplicate a WAF rule and select the other interface where i want to fallback…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • TLS 1.3 for Webserver Protection

    Ben@Network
    Ben@Network
    Hello Community, is it on the roadmap to implement TLS 1.3 for Webserver Protection? Thanks, Ben
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Publish Website with WAF and allow access from certain countries

    ali turki
    ali turki
    hello, We want to publish and protect website using WAF, but we want to allow access to this website from certain countries. But when we add business application rule (WAF) -> Allowed client networks , we can't choose country (only IPs) what to…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG 18.0.5 WAF LetsEncrypt Wildcard certificate

    AlexanderPoettinger
    AlexanderPoettinger
    I have a LetsEncrypt certificate with the following parameters (sorry for the substitutions, but there's customer names in the domain/hostnames): CN = {HOSTNAME1}.{DOMAINNAME1}.de DNS-Name= * . {HOSTNAME1} . {DOMAINNAME1} .de DNS-Name= {HOSTNAME2…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Country Blocking WAF

    seroal
    seroal
    HI there, in relation to these WAF country blocking threads: community.sophos.com/.../enable-country-blocking-for-waf-rule https://community.sophos.com/sophos-xg-firewall/f/discussions/126590/ip-country-block-does-not-work-with-waf Is this…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF Rule

    Walid Fawzy
    Walid Fawzy
    Dear Everyone, I have a problem with WAF Rule , Do WAF Rule working with or without DNAT Rule . and when Disable DNAT Rule the access to published URL is very slowly and the page load incorrect . Can anyone help me ? Thanks in advance
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SOPHOS BACKUP GATEWAY

    Ihenock
    Ihenock
    HI All I configure Sophos XG firewall secondary gateway and I enable failover when the active fails to take over however I couldn't access the sites I publish from outside my network. what I should do in order to work? Thanks
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF domains will not be covered?

    Paul Schwegler
    Paul Schwegler
    Perhaps I am missing something simple here, but after setting up WAF for an internal HTTPS server, I am getting the following message when I try to save the rule: Following domain(s) will not be covered by selected HTTPS certificate "remote.domainname…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG WAF Exchange 201x, Problem with attachment size greater 1 MB

    B|Cyber|Security
    B|Cyber|Security
    Hello, when will this finally be solved? I already have 2 customers who have this problem. And it is always a chore to explain to the support what they have to do. I'm slowly cursing the day I switched to V18. regards BCS
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • DNS dos not resolved

    Pounraj C
    Pounraj C
    we hosted the server on IIS in the internal network and I assigned a domain name like app.example.com but the problem is while trying to access from outside the network using domain name(app.example.com) the website has not loading but while trying…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF Certificate Changes

    Florian Keller2
    Florian Keller2
    Has Someone a Idea to change the Certificates on Multiple WAF Rules i have an Single Certificate with Multiple Domains (SAN) however now the Certificate is Expired and i need to change it, but every time i go onto a WAF rule the Domain List is empty…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF - AVOID FULL NAT BEHAVIOR

    TheLoghox
    TheLoghox
    Hi Team, I'm trying to migrate from TMG to Sophos XG. I have 40 web sites, 39 are ok, but 1 is causing a real headache :( In TMG you can use site path routing for web publishing, and for each rule, decide if you want to send to the real web server…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • OWA gets blocked from dedicated Mobile Phone Provider

    GernotMeyer
    GernotMeyer
    Hi all, having Sophos XG with 18.5 SFOS and OWA implemented. It happens actually that ALL mobile phones from dedicated mobile phone provider (in this case "Deutsche Telekom") gets blocked with error in WAF logfile: "Bad repution SXL category IPCAT_BOTS…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF Access permission issues V18

    Ricardo Hartzenberg
    Ricardo Hartzenberg
    I have Web app server and i use the waf business rule in order to protect my web app and i specify one specific public IP address in Allowed client networks in the Access permission tab but after i enable this policy all the public IPv4 hit and pass…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Webserver Protection does not accept licence

    Ben@Network
    Ben@Network
    Hello Community, I've a new firewall installed with a Webserver Protection license enabled. The Sophos License Portal and the Firewall itself shows the license is activated and synced. If I create a WAF Rule I see the message This feature requires…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG Path Specific Routing with wildcard/path parameter

    David Ferretti
    David Ferretti
    Is it possible to use a wildcard and/or path parameter when adding path specific routing rules to a WAF rule? For example, I would like to have my default rule `/` route to one server, and something like `/my/route/*/xyz` or `/my/route/{id}…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Troubles with multiple virtual websites

    rizzah
    rizzah
    Hi there, Hope that someone can help me out, i am probably doing something stupid. I used to work with UTM and had no issues. Im switching to XG v18 and it seems no matter what i change, all virtual websites that i create are going to my exchange server…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Exclude external IP from WAF Reputation Scan

    Mishux
    Mishux
    Hey Guys, we are using WAF to publish our Exchange (OWA). One of our users LTE-Router IPs gets rejected with 'Bad Reputation'. Is it possible to exclude one IP from the bad reputation filter in the WAF? Thanks in advance.
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF stops processing requests

    AADD
    AADD
    I have the same issue posted about here XG WAF stops working without error - Discussions - Sophos (XG) Firewall - Sophos Community . All WAF rules stop being processed seemingly random. This has been an issue since upgrading to v18.0.4. I am currently…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF - HTTP POST request method

    Jaroslav Faldik
    Jaroslav Faldik
    Hello, Supports WAF HTTP POST request method or only HTTP GET?
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>