In December, we introduced you to our Virus Scanning Reverse Proxy service; as a reminder, this no-code solution automatically protects web applications from threats before they get a chance to reach your server. In today’s blog post, I am going to dive a bit deeper into the solution by providing a brief overview of the security policies that you can set up according to your company’s needs.
Virus Scan File Uploads (mulitpart/form-data) – Regular or Advanced Scan
Our most popular security policy, application of this setting will automatically scan any file uploads to your site via multipart/form-data and block the request from passing to the target server if the request is contaminated. Target threat types include viruses and malware, with the option to allow/block executables, scripts, macros, invalid files, password-protected files, and specific file types as well.
Virus Scan JSON Binary Data – Regular or Advanced Scan
Application of this policy will allow you to automatically scan base-64 encoded binary file data in JSON requests. Additional options include setting a URL Match Regular Expression, setting a URL for a virus found notification page or error page, and configuring specific JSON fields to virus scan by specifying a JSON path.
SQL Injection Protection
The SQLI protection policy will guard your web application from SQL Injection attacks by automatically scanning text inputs.
Similar to the SQLI protection policy, the XXE protection policy will automatically scan text inputs for XML External Entity attacks.
XSS Protection for Request Parameters
This policy enables you to block Cross-Site Scripting (XSS) attack requests.
IP Blocklist and IP Allowlist
The IP Blocklist policy will allow you to block access from any IP addresses specified on the blocklist, and the IP Allowlist policy will allow you to block access from any IP addresses NOT specified on the allowlist. The latter policy is primarily used for internal services/APIs.
Configure a Rate Limit policy to automatically block client IP addresses that exceed the defined rate limit; this is achieved by defining the rate limit value and unit of time (per second/per minute).
Block Known Bot, Threat, or Tor Clients
The titles of these three policies are basically self-explanatory; you can choose to block known bot clients, threat clients, or Tor clients by configuring any or all of the policies.
If you have questions or would like more information, you can contact our knowledgeable team, who are always happy to help.