This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

idle timeout in web application firewall

hi

is there a way to limit idle http/https session through the web protection firewall?

let's say a user has logged on to the server, and i want the session to die after 5 minutes. can it be done? couldn't find such a setting

thank you



This thread was automatically locked due to age.
  • FormerMember
    +1 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Go to Webserver Protection > Web Application Firewall > Real Webserver > Advanced > Timeout:

    Reference screenshot: 

    "Timeout: Define a connection timeout value, that is the number of seconds the WAF waits for data sent by or sent to the real webserver. Values between 1 and 65535 seconds are allowed. Data can be received as long as the webserver sends data before the timeout expires. After expiring, the WAF sends an HTTP 502 message to clients. The default timeout is 300 seconds" 

    Thanks,