본문 바로가기
정보보호 (Security)

Is my Web Application Firewall Blocking WebsiteDefender?

by 날으는물고기 2012. 4. 13.

Is my Web Application Firewall Blocking WebsiteDefender?

Previously we explained why some web hosting servers block the WebsiteDefender Agent, which could cause your WebsiteDefender service to malfunction.

In this article, we will show you exactly how a web application firewall can block communications between the WebsiteDefender Agent and the WebsiteDefender Server.

Many hosting providers or server administrators use web application firewalls, such as ModSecurity, to filter and monitor a website for hacker attacks. Some of the web application firewalls used today have different configured rule sets to filter HTTP software requests and can therefore interfere with the WebsiteDefender Agent.  Below are some examples that show how and why the WebsiteDefender Agent might be blocked by a web application firewall.

The web application firewall might block the communication completely with the WebsiteDefender Agent.



In this example, the WebsiteDefender Agent request to the web server has been blocked by the firewall, based on the predefined rule sets. Any requests sent from the WebsiteDefender Server will not reach the WebsiteDefender Agent. Depending on the firewall configuration, when you run the WebsiteDefender Agent test, you might receive a “404 Not Found” error or “Unreachable” error code.



The web application firewall might alter, modify or strip important and essential components from the WebsiteDefender Agent request.



In this case, the request sent by the WebsiteDefender Scanning Server to the WebsiteDefender Agent will manage to pass through the firewall but the information returned will be invalid.

Therefore, the WebsiteDefender Agent will send an invalid response back to the WebsiteDefender Scanning Server, stating that a previously received communication request was corrupted or not recognized.



The request received by the WebsiteDefender Agent passes the Web Application Firewall check. In this case, the communication request sent by the WebsiteDefender Server to the WebsiteDefender Agent successfully passes through the web application firewall. The WebsiteDefender Agent response successfully reaches the WebsiteDefender Server, meaning that the WebsiteDefender Agent is up and running successfully.



출처 : www.websitedefender.com

728x90

댓글