Haltdos User Guide
  • Introduction
  • Customer Portal
  • hdPlatform
    • Stacks
      • Stack Status
      • Events
      • Alarms
      • Analytics
      • Instance
        • Operational Settings
        • High Availiability
        • VRRP
        • Network Settings
          • Ethernet
          • Virtual LAN
          • Link Bonds
        • Routing
          • BGP
          • OSFP
          • RIP
        • Integration
          • SNMP
          • NTP
        • DHCP Settings
        • Virtual Machines
      • Integrations
        • Syslog
        • API Tokens
        • Webhooks
        • Threat Feeds
      • Resource Content
        • Cache Pools
        • Encryption Key
        • SSL Certificates
          • Lets Encrypt Certificates
        • Web pages
        • Client Certificates
        • Revocation List
        • Custom Scripts
      • Stack Settings
        • Backup Policy
        • AAA Policy
        • Reports
        • Scheduler
        • Dashboards
        • Config Synchronization
    • Status Page
    • Updates
    • E-Mail Integration (SMTP)
    • OS Templates
    • Virtualization
    • User Management
      • Access Control
      • Active Directory
      • Password Policy
      • Admin Users
    • User Profile
      • Change Password
      • Reset Password
    • Logs & Diagnostics
  • Deployment
    • Link Load Balancers (LLB)
      • Scenario 1
      • Scenario 2
      • Scenario 3
      • Scenario 4
    • Application Delivery Controller
      • Scenario 1
      • Scenario 2
      • Scenario 3
  • Solutions
    • Web Application Firewall (WAF)
      • Machine Learning
      • Listener
        • Settings
        • Profiles
          • Settings
          • Geo Filtering
          • Antivirus
          • Bot Protection
          • Policy
            • Web Policy
            • JSON Policy
            • XML Policy
          • Rules
            • Error Rules
            • Form Rules
            • Firewall Rules
            • Rate Limit Rules
            • Whitelist Rules
            • Response Rules
            • Behavior Rules
            • Tamper Rules
            • Correlation Rules
            • Deception Rules
            • Script Rules
            • Log Rules
          • Signatures
        • SSL Settings
        • Performance
          • Caching
          • Compression
          • RUM Metric
        • Server Groups
          • Servers
          • Load Balancing
        • Monitors
        • Rules
          • Error Rules
          • Header Rules
          • Redirection Rules
          • Variable Rules
          • Upstream Rules
        • Variables
        • Advanced Bot
        • Rule Staging
        • Virtual Patching
        • Learning
        • Auto-Profiling
      • User Groups
      • Incidents
      • Tools
        • Global Whitelist
        • FP Finder
        • Match Finder
    • Web Security Scanner
      • Scan Profiles
    • Anti-DDoS
      • Profile
        • General Settings
        • Detection
        • Connections
          • TCP Settings
          • TCP Shield
          • Aggressive Aging
        • Application
          • HTTP
          • DNS
          • Miscellaneous
        • Traffic shaping
        • Network Rules
        • Signature
      • Geo Inspection
      • Bot Protection
      • SSL Offloading
      • Cloud Signaling
      • Incidents
      • Advance Settings
        • Pattern Score
        • Top talkers
      • Cluster
    • Link Load Balancer (LLB)
      • LLB Settings
      • Interface Groups
      • Monitors
        • Monitor Scripts
      • Rules
        • Load Balancing
        • Source NAT
        • Destination NAT
        • Fixed Routing
        • Scenario 5
        • Policy Routing
        • Traffic Shaper / QoS
    • Application Delivery Controller (ADC/SLB)
      • Listeners
        • Listener Settings
        • SSL Settings
        • Geo Filtering
        • Server Groups
          • Servers
          • Load Balancing
          • SNMP
        • Monitors
        • Performance
        • Rules
          • Error Rules
          • Header Rules
          • Redirection Rule
          • Policy Rules
          • Upstream Rule
          • Rate Limit Rules
        • Action Scripts
      • Incidents
    • SSL VPN
      • Settings
        • General Settings
        • Networking
        • Security
      • VPN Users
      • VPN Group
    • Global Server Load Balancer (GSLB)
      • Listener
        • Operational
        • Geo Filtering
        • Zones
        • Monitors
        • Rules
      • Domain Filters
      • Sites
  • Knowledgebase
    • Platform
      • KB: 00003001
      • KB: 00003002
      • KB: 00003003
      • KB: 00003004
      • KB: 00003005
      • KB: 00003006
      • KB: 00003007
      • KB: 00003008
      • KB: 00003009
      • KB: 00003010
      • KB: 00003011
    • Web Application Firewall (WAF)
      • KB: 00001001
      • KB: 00001002
      • KB: 00001003
      • KB: 00001004
      • KB: 00001005
      • KB: 00001006
      • KB: 00001007
      • KB: 00001008
      • KB: 00001009
      • KB: 00001010
      • KB: 00001011
      • KB: 00001012
      • KB: 00001013
      • KB: 00001014
      • KB: 00001015
      • KB: 00001016
      • KB: 00001017
      • KB: 00001018
      • KB: 00001019
      • KB: 00001020
      • KB: 00001021
      • KB: 00001022
      • KB: 00001023
      • KB: 00001024
      • KB: 00001025
      • KB: 00001026
      • KB: 00001027
      • KB: 00001028
      • KB: 00001029
      • KB: 00001030
      • KB: 00001031
      • KB: 00001032
      • KB: 00001033
      • KB: 10001034
      • KB: 00001035
      • KB: 00001036
      • KB: 00001037
      • KB: 00001038
      • KB: 00001039
      • KB: 00001040
      • KB: 00001041
      • KB: 00001042
      • KB: 00001043
      • KB: 00001044
      • KB: 00001045
      • KB: 00001046
      • KB: 00001047
      • KB: 00001048
      • KB: 00001049
      • KB: 00001050
      • KB: 00001051
      • KB: 00001052
      • KB: 00001053
      • KB: 00001054
      • KB: 00001055
      • KB: 00001056
      • KB: 00001057
      • KB: 00001058
      • KB: 00001059
      • KB: 00001060
      • KB: 00001061
      • KB: 00001062
      • KB: 00001063
      • KB: 00001064
      • KB: 00001065
    • Application Delivery Controller
      • KB: 00002000
      • KB: 00002001
      • KB: 00002002
      • KB: 00002003
      • KB: 00002004
      • KB: 00002005
      • KB: 00002006
      • KB: 00002007
      • KB: 00002008
      • KB: 00002009
      • KB: 00002010
      • KB: 00002011
      • KB: 00002012
      • KB: 00002013
      • KB: 00002014
      • KB: 00002015
      • KB: 00002016
      • KB: 00002017
      • KB: 00002018
      • KB: 00002019
      • KB: 00002020
      • KB: 00002021
      • KB: 00002022
    • Global Server Load Balancing
      • KB: 00004001
      • KB: 00004002
      • KB: 00004003
      • KB: 00004004
      • KB: 00004005
      • KB: 00004006
      • KB: 00004007
      • KB: 00004008
      • KB: 00004009
  • Troubeshooting
    • Case: 00009001
    • Case: 00009002
    • Case: 00009003
    • Case: 00009004
    • Case: 00009005
    • Case: 00009006
    • Case: 00009007
  • Glossary
Powered by GitBook
On this page
  • How to prevent Cross-site Request Forgery through Haltdos WAF?
  • Problem Statement
  • SOLUTION

Was this helpful?

  1. Knowledgebase
  2. Web Application Firewall (WAF)

KB: 00001059

PreviousKB: 00001058NextKB: 00001060

Last updated 2 years ago

Was this helpful?

How to prevent Cross-site Request Forgery through Haltdos WAF?

Problem Statement

Client wants prevent their sites by Cross-site Request Forgery attack.

SOLUTION

The client can achieve the above requirement by configuring settings to prevent CSRF on Haltdos console.

1. First, log into the haltdos management console.

2. Go to Stacks > WAF > Listener > Advance Bot > Configure settings for CSRF > Save changes

3. Now go to Stacks > WAF > Listener > Profile > Profile default setting > Policy > Web Policy >Enable CSRF toggle > Save changes

By configuring above CSRF settings client can protect their sites from CSRF attack.