Hello, I am getting some unexpected and unwanted requests (trying to find exploits) that are handled by one of the WAF Rules: Here's the WAF Rule that is being it with this traffic: Here's how it looks in the Event Viewer: How can I change the…

Hello, We have the problem that users who work from home and only have an IPV6 address cannot use the WAF rules and web server access. Can we allow "any IPV6"? "any IPV4" is allowed. What would be the best approach here? Thank You!

Hi, I need advice how to Deny Direct IP access from browser. So, it only allow access by domain-name. How it done through Sophos Firewall configuration rule? I use Sophos XG 310, SFOS v20.0 Thanks

Using Web Server Protection, I want a web server to only be reachable from some IP lists or IP host groups. How can I achieve this? In Access permission , Allowed client networks , it seems that I can only choose individual IP hosts of networks. Am…

I'm struggling to block access to the WAF, I am trying to block all but Cloudflare IP ranges from accessing the WAF however there is still traffic hitting the WAF from non cloudflare IP's. If you are a non cloudflare IP then you get a forbidden page instead…

We just had a PCI compliance scan and we failed because HTST wasn't enabled. Looking through everything HTST is enabled on all of our Web Server Protection rules including the default one. The PCI scanning company said the server replying is using apache…

Is there a simple way to replace an expired certificate without having to manually replace it with a valid one in all WAF rules and other places where it is used?

I'm getting an error on a URL with WAF for Static URL Hardening. I've added an exception but still getting the same error. What am I missing?

Hello guys! I have a home server running a few services on port 80 and 2-3 other ports I also have dyndns (3 hostnames) and have been using waf to connect to those 3 services without the need to enter a port in the url (There are also a couple of…

Hi, I would like to setup a Webserver protection using the WebServer and HTTPS to the Sophos FW, but behind the Firewal, I want to use HTTP. Could anyone tell me how to setup that? I can see how to setup for HTTPS, but I am not sure how to send it using…

Hallo everyone, I am facing with an issue in sophos XG with web server protection. I have created a WAF rule and redirect my alias ip to my webserver through HTTPS 443 select my certificate *company.com and add my webserver host my company.com but…

Dear All, I am facing with a Problem in sophos xg web server Protection, I have created all needed ruls and upload the ssl certificat to xg but in web application rule under the Host server when I select the HTTPS in the dropdaown menu I dont see me…

So i know this topic has been discussed before but no one puts in a complete answer so going to ask it again. After enabling Exchang enhanced protection OWA externall breaks. I know this is due to the SSL offloading as this is mentioned in several posts…

Hello! I'm trying to setup a Web Server Protection Rule for my home automation system. I have a lot of other WAF rules which work perfectly. I'm only having trouble with this one rule, where I get the following error: I just can't get this rule…

Hi there, we have an internal URL (like server1/.../access.php This link is designed to be accessed directly from the Internet and we would like to make it available to the public. But as this link is quite complicated and as it might reveal details…

The WAF custom authentication form in the documentation is not that clear and required several rounds of testing to fix. Below I've added code that is easier to modify and quickly get up to speed without 30 minutes of troubleshooting and testing. I…

Hello, I have a Peplink WAN gateway and a Sophos in the centre for routing from the core switch to the WAN.I have a problem: I cannot perform a waf for my webserver, which is hosted by peplink and the server are located at dmz, and my website is already…

Hello, I have trouble configuring WAF rule for one specific web server/service When I try to access service from inside on my pc I get 403 [Sun Jan 07 19:40:08.983664 2024] [authz_core:error] [pid 22769:tid 140041007253248] [client 10.2.1.10:52039…

Hi, i read a lot of posts about this Problem, but cant get it running. Made the WAF settings strictly by Sophos KB article, owa, outlook anywhere etc are running properly, but active sync isnt working. Log saus WAF Anomaly Inbound…

I've been reading some discussions about WAF support for HTTP/2 before. Is it available in the new SFOS v20? Or is it planned for some next MR?

SFOS 19.5MR3 I'm getting multiple WAF-Logentrys with exact same URL (upper-/lowercase) - one request passes correctly the other one fails due to "Static URL Hardening - No Signature found". As it's same exact same URL it's probably not a configuration…

We have updated our XGS3300 to SFOS 20.0 a few days ago. Since then our WAF ist not working. AH00526: Syntax error on line 106 of /cfs/waf/reverseproxy.conf: Invalid encrypted key AH00112: Warning: DocumentRoot [/sdisk/waffiles/1cf6480d9dcdd33a4319301e0d8ef22b…

Hello, We use the Web Server Protection of Sophos XG Firewall and have now reached almost 60 WAF rules. This is also the maximum number of WAF rules. Is it possible to combine several URLs in one WAF rule and route them to different servers? WAF rule…

Is it possible to decrypt HTTPs on the firewall and send plain HTTP to the webserver (without encrypting it again)? Thanks!

Hi all, When AV or other protection features are enabled, we keep running into various problems while uploading large files. Sometimes the disk space (Temp=100%) seems to be the cause, sometimes other internal buffers. We have the requirement to allow…