Citrix Forums » Web App Firewall
2 FOLLOWERS
Want to ask questions about creating a new signature? Have issues editing the signature? Share them here. Also, learn how to bypass specific IPs from Learning Mode, and talk everything about web app firewalls.
Citrix Forums » Web App Firewall
4M ago
Dears,
We moved recently to Citrix Web Application Firewall.
We want to protect our websites using citrix WAF. we conducted VA and get the following vulnerability:
Cloud Metadata Potentially Exposed
Anyone can help how to deal with this vulnerability on citrix WAF.  ..read more
Citrix Forums » Web App Firewall
4M ago
HI
Can anyone help me out, I have Cookie Consistency selected for Logs Stats and learning,
When opening a new tab on the browser for Sharepoint the attached image comes up randomly, when you refresh, the correct page displays,
Turning off all checks for CookieConsistency, everything displays correctly.
No errors on the logs, only thing i see come up is "Request has duplicate cookie <not blocked>"
Thanks in Advance ..read more
Citrix Forums » Web App Firewall
4M ago
what steps on gui can configure netscaler for basic waf (best practice) or at least learn mode ..read more
Citrix Forums » Web App Firewall
4M ago
Hi team
Do you know " how do you collect full body log WAF on Citrix ADC"
I tried on Audit Message Action. But I don't know writen Expression collect full Body log?
Please help
Thanks
Hung Hoang ..read more
Citrix Forums » Web App Firewall
4M ago
Dear sir/madam,
Good evening,
we are using ADC version 13.0 build 89.7. Now we can see our learning rules are 184 and relaxation rules are 2000.and our database is not learning traffic when we enabled learning mode.AS per citrix engineer the learning database has reached the limit. we restarted the learning process but no use.and now the citrix engineer guided as to reset the profile.And if we do reset the profile anything negative impact on the production???
And if we skipped one learning rule then,is waf will learn again that particular url ????
And we are g ..read more
Citrix Forums » Web App Firewall
4M ago
Hi everyone,
Anyone have faced an issue with WAF block file size over 100MB? I have issued with FTP can't upload file size larger 100Mb after apply WAF. Pls anyone advise the solution.
Thanks  ..read more
Citrix Forums » Web App Firewall
1y ago
Dear sir,
we are using ADC WAF 13.0 build 89.7. we are getting content type,csrf tag, field consistency,field format,sql,start url, multiple header,invalid RFC,cookie Hijack,command injection violations.when we tried to enable start url block option the web page is getting struck.and if we enabled remaining block options the application not performing their functions.and now learning is enabled in waf for the above violations.
could you please any one help me to solve this issue???
Thanks & Regards,
Raj ..read more
Citrix Forums » Web App Firewall
1y ago
Hi,
Does someone has the same issue like me that after updating ADC to release 13.1. 42.47 the Search option of WAF signature does not work anymore?
Regards, Hemant ..read more
Citrix Forums » Web App Firewall
1y ago
Hello,
i want to write a relaxation rule for html sql injection grammar based. But my relaxation is not working. The adm log shows
So my relaxation rule is configured so
But its not working. I also tried as value expression .* but this also won't work.
Any ideas, why ..read more
Citrix Forums » Web App Firewall
1y ago
Hello,
we use our WAF in ADC Version 13.1 build 42. We see since some versions in adm that a Security Check violation of type "Invalid RFC" is detected. But it is not blocked.
Have someone any idea, where i can block unvalid rfc requests? In the profile settings of the waf profile, i configured RFC Profile check to APPFW_RFC_BLOCK ..read more