How to enable SiteWALL WAF for your API
2. Click on Configuration --> Applications.
3. Then
click on Add Application button in the Application Management Section.
You will see
the Add Application Wizard.
Step 1: Select the Application Type
Choose the type of application you want to configure. This can be an
Application, Website, or API. Select the appropriate application type based on
your requirements, then click Next to proceed with the configuration.
Step 2: Select the SSL Configuration
If you have already uploaded your SSL certificate, then begin by clicking the Enable
SSL radio button. Select the appropriate certificate profile from the
dropdown menu. Once the correct certificate profile is selected, click Next to
proceed with the configuration.
If you do not wish to use SSL, select the No SSL
option and click Next to proceed. However, please note that running
applications without SSL poses a significant security risk, as data transmitted
between the client and server will not be encrypted.
If you have not yet uploaded your SSL certificate, please
refer to the Knowledge Base article here: How
to Upload SSL Certificate in SiteWALL.
Step 3: Add Application Details
Once you have uploaded and configured the SSL certificate, proceed to Step 3 and fill in the application details:
a) Enter the Application URL.
b) Enter the Public IP address of the application. If you are using more than one ISP, enter the CNAME used for load balancing instead of the IP address.
Refer to the KB article here: How to Configure DNS Load Balancing with Dual ISP IPs.
c) Select the Operating System from the dropdown list.
d) Enter the Operating System Version.
e) Click on the Next button to proceed.
b) Enter the Public IP address of the application. If you are using more than one ISP, enter the CNAME used for load balancing instead of the IP address.
Refer to the KB article here: How to Configure DNS Load Balancing with Dual ISP IPs.
c) Select the Operating System from the dropdown list.
d) Enter the Operating System Version.
e) Click on the Next button to proceed.
Step 4: Verify Group Email IDs for Notification
Check the email IDs linked to the selected notification
group.
To add more recipients or create a new group, you can go to
the Group Management section. For details, refer to the
Knowledge Base: Creating
Groups for Notifications and Reporting
Step 5: Configuration
By default, all configurations are enabled. If your API schema is ready, you
can upload it in the mentioned supported formats. If not, you can arrange the
schema and upload it later by editing the application.
Review the configuration settings, then click Next to proceed.
NOTE: API schema is mandatory for performing VA scanning on your API-based
application.
Step 6: Enabling Security Modules
By default, all Security Modules are enabled except Webshell. To enable Webshell protection for your application, please refer to the Knowledge Base article: How to install SiteWALL Webshell agent
Review the notification group selected for each security
module to ensure that alerts will be sent to the correct recipients. Once
verified, click Finish to complete the Add Application wizard.
After clicking Finish the page will redirected to
Application List where you can see the added Application with selective
details.