Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 1 subscriber
  • Views 2522 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webserver Protection won't work.

traxxus_01
Hi

I'm trying to use the Webserver Protection on Sophos UTM v9.105-9.
I'm using an dyndns address.
I have added an real webserver and an virtual webserver. In my eyes everything is ok.

But the thing isn't working. 

I also got no entries in live log and no entries in the Logging & Reporting section. Every graph is emtpy.


This thread was automatically locked due to age.
  • 0
    there are some ping websites that can help you
    try to ping youraccount.dyndns.org
    Seems that nothing cames to your wan
  • 0
    But i can access the website from outside without problems.
    There is a DNAT rule for Port 80 which point directly to the webserver.
  • 0
    Traxxus, it's what I call Rule #2:

    In general, a packet arriving at an interface is handled only by one of the following, in order:
    DNATs first, then VPNs and Proxies and, finally, manual Routes and Firewall rules.


    So, you must disable your DNAT to allow the Proxy to see the traffic.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi 

    Thank you for the input.
    I have now disabled the DNAT rule and created an Firewall rule to open port 80 to the webserver.

    I see now activity on the logs, but the website deliver just half of content (no css files etc.) [:S]
  • 0
    You do not need a firewall rule either! Just configure the Webserver Protection.

    For your poblem with half loading sites: have a look at the Webserver protection log file. It will eventually tell you the reason. You then can define an exception for the affected rule.
    You might also post your log here so we can have a look at it...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0 in reply to scorpionking
    Wonderful, thank you for the help.  I had to disable the form hardening.

    It is working now.
  • 0
    Bob, thanks for mentioning Rule #2!

    Just out of curiosity, what's Rule #1?


    See Ya!
    Van
  • 0
    Just search the forum, you will find several rules... [:)]
    You might try Google with "balfson rule site:astaro.org", it works better than the internal forum search.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0
    Thanks, SK!

    So far, I have eight rules about common issues.  Do two googles site:astaro.org "what i call rule #" "Cheers - Bob" and site:astaro.org "zeroeth rule" "cheers - Bob"

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Thanks, SK!

    So far, I have eight rules about common issues.  Do two googles site:astaro.org "what i call rule #" "Cheers - Bob" and site:astaro.org "zeroeth rule" "cheers - Bob"

    Cheers - Bob


    Using these two searches I found 0, 1, 2, 3, 4 and 6.
    Seems like i'm not able to find 5 and 7.
    Anyone a better googler than I am?

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Unfiltered HTML