Fine grained and efficient rule prote呢知ction

Ngwaf identifies and defends various一為 known attacks through the rule 大通base, and meets the common security去我 risks and pain points of busin月又ess systems, so as to realize h如樹igh-fine-grained and efficient rule pro媽為tection.

The rule base includes:

SQL injection attack, XSS atta笑聽ck, CSRF Cross Site Request Fo月新rgery;

HTTP header injection attack, di農哥rectory traversal attack, remo西鄉te file inclusion attack;

Brute force attack, web crawler, w微外eb Trojan horse attack;

DDoS attack, session hijacking, ses門不sion fixation;

LDAP injection, PHP mail injection,月新 HTTP parameter pollution vulner地線ability;

Web sensitive information disc行內losure vulnerability, HTTP response開看 header splitting attack;

X-forwarded-for header forgery and fil行行e upload attack;

The authentication function is missing,司草 the static file is not detected b鐘懂y WAF, and the request method / reques哥草t parameters are limited;

It also supports configurable rules 小話(request method limit, HTTP protoc年小ol limit, illegal request header det小但ection, upload file size limit, reques討章t parameter limit) and custom rule libr森看ary.

Automatic dynamic modeling

The Web Application Firewall Based 紅廠on the rule feature base can solve雨學 a large number of web application ris門金ks, but due to the unique "delay" of th一這e rule base, it can only solve th少員e known security risks and is po線如werless to defend against 0day vulnerab購要ilities and new attacks. In add區得ition, there will be some errors in 外時the accuracy of the conventional f船書eature library model, because it do對人es not know the user's business他長 logic. The unique application匠輛 dynamic modeling technology o弟的f ngwaf can fully understand the user'聽你s business behavior and fully d冷區isplay the user's business logic飛還 through automatic learning of the appl近都ication, so as to completely solve 區她the above problems. Automatic 國兒modeling is not limited to the followi如老ng contents: access URL, applicat事討ion system path, HTTP request parame也在ters, number, type, name, valu我林e range, etc. Through the modeling res車但ults, the white list defense mod是業el can effectively solve various 0民機day vulnerabilities, new business attac下影ks and unauthorized operations.