Frequently Asked Questions about SiteWALL WAF Incident Reports
1. What is this report?
This is an incident report generated manually by the SiteWALL Support team detailing the malicious activity that was detected and blocked by SiteWALL Web Application FireWALL (WAF), ensuring the security of your applications for cyber attacks. SiteWALL WAF identified and proactively mitigated a sequence of malicious requests targeting your applications.
2 What is a Web Application Firewall (WAF)?
A Web Application Firewall (WAF) is a security solution that helps protect web applications from various attacks by filtering and monitoring HTTP/HTTPS traffic between a web application and the Internet. SiteWALL WAF specifically blocks malicious requests in real-time to prevent exploitation or compromise.
3. Why did I receive this report?
You received this report because you are added as a owner for your Web Application in SiteWALL Management portal. This report is sent to the application owner next day after the incident was detected and blocked.
4. How can I view attacked blocked in real time?
You can view the attacks blocked in real time by logging into SiteWALL Management Portal and clicking on Analytics --> Security Dashboard. You also apply custom filters by clicking on any field to see dynamic views of any attacks.
5. How frequently will I receive this report?
You will receive these reports as and when your application is targeted by attackers and hackers.
6. Was my application or data compromised?
No. SiteWALL WAF aims to block all malicious requests, preventing unauthorized access or compromise to your Web Applications.
7. Was there any impact on my application's performance?
When requests are blocked by SiteWALL WAF, they typically do not reach the application, meaning application performance remains unaffected.
8. What actions has SiteWALL taken after this incident?
SiteWALL WAF successfully blocks the malicious requests. Post-incident analysis is conducted, and SiteWALL WAF rules are updated to reinforce protection against similar patterns. Monitoring is also heightened.
9. What can I do to further strengthen my application's security?
SiteWALL recommends reviewing application security for vulnerabilities, conducting regular security audits (including application configurations, WAF rules, and database queries), and enabling geo-blocking to restrict access from irrelevant regions or IP ranges.
10. Who can I contact for more information or assistance?