Configuring Web Application Firewalls

You can use Acunetix scan results to configure your Web Application Firewall to mitigate discovered vulnerabilities.

Acunetix has built-in functionality to create export files for a number of WAF products, as well as more generic formats such as CSV and XML. For more information, refer to Exporting scan results to WAFs.

Some Web Application Firewalls, however, require direct integration using their APIs.

In the case of Amazon's AWS Web Application Firewall, you can configure your own WAF settings in Acunetix.

How to configure WAF settings

  1. Log in to Acunetix and select WAFs from the side menu.
  2. Click on + Add WAF.
  3. Set the Name field to describe the WAF – for this example, we have used CloudFront Portal 01.
  4. Set the Platform field to AWS.
  5. Set the Scope field:
     1. For global applications, select CloudFront.
     2. For regional applications, select Regional. If you set the scope to Regional, you also need to select your Region – for this example, we have used US East (Ohio).
  6. Set the Access Key Id and the Secret Access Key fields. You can create your key pairs in your AWS account as follows:
     1. Log in to your AWS account.
     2. Click on your profile name, then select My Security Credentials from the drop-down menu.
     3. Expand the Access keys panel, then click Create New Access Key.
     4. Click Show Access Key.
     5. Take note of your Access Key ID and your Secret Access Key.
  7. Set the ACL Id field to your AWS Web ACL Id.
  8. Set the ACL Name field to the name of your AWS Web ACL.
  9. Set the Proxy Type field to one of the following:
     • Application Proxy Settings: Use the web proxy settings configured in your Acunetix Settings.
     • No Proxy: Do not use a web proxy.
     • Custom: Use custom proxy settings only for this WAF configuration. You will need to set the Address and Port where the proxy server is listening. If the proxy server requires authentication, you will also need to set the username and password.
  10. Click Save in the top-right of the Add New Web Application Firewall page.

Sending vulnerability data to your WAF

To mitigate vulnerabilities found during your scanning activities, you can upload the required information to your WAF directly.

  1. Select Vulnerabilities from the Acunetix side menu.
  2. Click the checkbox next to each vulnerability you wish to mitigate.
  3. Click Export to.
  4. Select the WAF configuration you created earlier – for this example, we have used CloudFront Portal 01.

The export begins automatically.

 
