How to enable SiteWALL WAF for your website or Web application

How to enable SiteWALL WAF for your website or Web application

Click on Configuration in the Menu and then click on Applications. 

 

 

Click on Add Application button in the Application Management Section.

You will see the Add Application Wizard.

Step 1: Choose Application Type:
Choose the type of application you want to configure. This can be an Application, Website, or API. Select the appropriate application type based on your requirements, then click Next to proceed with the configuration.  

 

Step 2: Select the SSL Configuration
If your application is working on SSL certificate then select Enable SSL and Chose the SSL Certificate from the dropdown list. Click Next to proceed with the configuration. 

 

If you do not wish to use SSL, select the No SSL option and click Next to proceed. However, please note that running applications without SSL poses a significant security risk, as data transmitted between the client and server will not be encrypted. 

If you have not yet uploaded your SSL certificate, please refer to the KB : How to upload SSL Certificate in SiteWALL

Step 3: Add Application Details

a) Enter the Application details (eg: admin.sitewall.net for application or sitewall.net for website)

b) Enter the Public IP address of the application. If you are using more than one ISP, enter the CNAME used for load balancing instead of the IP address. Refer to the KB article here: How to Configure DNS Load Balancing with Dual ISP IPs.

c) Select the Operating System from the dropdown list.

d) Enter the Operating System Version.

e) Click on the Next button to proceed.

 

Step 4: Groups

By default the Admin Group is selected for sending notifications. Use User Management -->
Groups section to add new group or edit the existing Admin Group.

A screenshot of a computer AI-generated content may be incorrect.

Step 5: Configuration

SiteWALL WAF runs in Protection mode by default.

Applications are accessed using the complete CNAME e.g. https://www.yourwebsite.com.  Users can also access the application using Top Level Domain (TLD) e.g. https://yourwebsite.com (without www). If your website or applications are running (without www) then click on the toggle button to set the Alias to "ON". This will enable WAF for both the URL's (https://www.yourwebsite.com and https://yourwebsite.com).

Keep End to End SSL “ON”.

Verify the ports for your application and click on Next.

 

A screenshot of a computer AI-generated content may be incorrect.

 

Step 6: Enabling Security Modules

By default, all Security Modules are enabled except Webshell. Webshell requires installation of Webshell agent on your application server. Please refer to the Knowledge Base article: How to install SiteWALL Webshell agent. Enable Webshell once you have installed the Webshell agent.

Review the notification group selected for each security module to ensure that alerts will be sent to the correct recipients. Once verified, click Finish to complete the configuration.


Clicking on Finish button will show you success popup. Click on “OK”

 

You will see the application added with all the configuration enabled in the Application table.