WAF Events
- The events page shows all traffic intercepted by a firewall rule.
- Event details include the source IP of the attempt, the rule that caught the attempt, and the action taken on the traffic.
- You can also choose how to deal with future incidents of the same type from the same source.
Notes:
|
View WAF Events
- Open the SOCaaP Web Protection dashboard
- Select the target website from the menu at top-left
- Click the 'Firewall' tab
- Open the 'Events' tab
- Rule Name - The firewall rule that intercepted the access request
- Action - The activity of the access request on the website
- IP - The address of the source of the access request
- Country - The country from which the access request came
- Date - The date and time of the access request
- Choose
action - Specify how to deal with future traffic from the same
IP address.
- Allow - All traffic from the IP is permitted. This includes legitimate traffic, bots, malicious traffic etc.
- Block - No traffic is allowed from the IP. An error message is shown to users.
The action you choose above will start a wizard to create a custom firewall rule. Custom firewall rules require a 'Premium' license for the site.
Click 'Apply' to save your choice. See Manage Custom Firewall Rules for help on custom firewall rules.