Overview of Web Application Firewall
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a regional and edge enforcement service that is attached to an enforcement point, such as a load balancer or a web application domain name. WAF protects applications from malicious and unwanted internet traffic. WAF can protect any internet-facing endpoint, providing consistent rule enforcement across a customer's applications.
If you want to use WAF for edge enforcement, see Edge Policies for more information.
WAF provides you with the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection, and other OWASP-defined vulnerabilities. Access rules can restrict traffic based on geography or on the signature of the request.
Concepts
The following terms are used throughout the WAF documentation.
- Access Control
- Access control encompasses request controls and response controls.
- Action
- Actions are objects that represent one of the following:
  - Allow: An action which, when its rule matches, skips all remaining rules in the current module.
  - Check: An action which does not stop the execution of rules in the current module. Instead, it generates a log message documenting the result of the rule evaluation.
  - Return HTTP response: An action which returns a defined HTTP response.
- Condition
- Each rule accepts a JMESPath expression as its condition. Depending on the type of rule, the expression is evaluated against the HTTP request or the HTTP response, and the rule's action runs when the expression evaluates to true.
- Firewall
- The Firewall resource is the logical link between a WAF policy and an enforcement point, such as a load balancer.
- Network Address List
- Network address lists are collections of individual public IP addresses and CIDR ranges, or of private IP addresses, that WAF policies reference.
- Origin
- Your web application's origin host server.
- Protection Rule
- Protection rules are sets of protection capabilities used to determine whether traffic should be logged, allowed, or blocked. WAF observes traffic to your web application and applies the rules you enable. To view the list of available rules, see Protection Rules for Web Application Firewall.
- Rate Limiting
- Rate limiting inspects HTTP connection properties and limits the frequency of requests for a given key.
- Request Control
- Request control inspects HTTP request properties and can return a defined HTTP response.
- Request Protection Rules
- Request protection rules check HTTP requests for malicious content and can return a defined HTTP response.
- Response Control
- Response control inspects HTTP response properties and can return a defined HTTP response.
- Web Application Firewall (WAF)
- WAF is a Payment Card Industry (PCI) compliant, global security service that protects applications from malicious and unwanted internet traffic.
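The concept list above describes three action types (Allow, Check, Return HTTP response), JMESPath conditions, network address lists, and per-key rate limiting, but not how they interact when a request arrives. The following Python model is an example added here, not OCI's implementation or its API: it evaluates an ordered rule list with the stated action semantics, checks a client address against a constructed address list, and enforces a sliding-window rate limit. Rule conditions are Python predicates standing in for the JMESPath strings a real policy would carry; the rule names, addresses and limits are constructed for the demonstration.

```python
"""Offline model of WAF rule evaluation: ordered rules, the three action
types, an address-list check, and a per-key rate limiter.
Example code added to this page; it is not OCI's implementation."""
import ipaddress
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed stand-in for a Network Address List resource (assumption: these
# RFC 5737 documentation ranges are the addresses we want to block).
BLOCKED_NETWORKS = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "198.51.100.7/32")]


def in_address_list(ip: str, networks) -> bool:
    """True if `ip` falls inside any CIDR (or single-host /32) in the list."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)


@dataclass
class Request:
    client_ip: str
    path: str
    headers: dict  # header names lower-cased, as a WAF would normalise them


@dataclass
class Rule:
    name: str
    # In a real policy this is a JMESPath string (illustrative form:
    # "http.request.url.path == '/healthz'"); here a Python predicate stands
    # in so the model runs without a JMESPath engine.
    condition: Callable[[Request], bool]
    action: str            # "ALLOW", "CHECK" or "RETURN_HTTP_RESPONSE"
    status: int = 403      # only used by RETURN_HTTP_RESPONSE


def evaluate_module(rules, request: Request, log: list) -> Optional[int]:
    """Walk the module's rules in order with the action semantics from the
    concept list: ALLOW ends the module without a response, CHECK only logs
    and continues, RETURN_HTTP_RESPONSE ends processing with a status code.
    Returns the status to send, or None to pass the traffic on."""
    for rule in rules:
        if not rule.condition(request):
            continue
        if rule.action == "ALLOW":
            log.append(f"{rule.name}: allow, skipping remaining rules")
            return None
        if rule.action == "CHECK":
            log.append(f"{rule.name}: matched (check only, continuing)")
            continue
        log.append(f"{rule.name}: returning HTTP {rule.status}")
        return rule.status
    return None


# Constructed rule set. Order matters: the health-check ALLOW comes first so
# monitoring probes from a blocked range still short-circuit past the block rule.
RULES = [
    Rule("allow-health-probe", lambda r: r.path == "/healthz", "ALLOW"),
    Rule("block-listed-networks",
         lambda r: in_address_list(r.client_ip, BLOCKED_NETWORKS),
         "RETURN_HTTP_RESPONSE", 403),
    Rule("log-missing-user-agent", lambda r: "user-agent" not in r.headers, "CHECK"),
    Rule("admin-requires-auth",
         lambda r: r.path.startswith("/admin") and "authorization" not in r.headers,
         "RETURN_HTTP_RESPONSE", 401),
]


def decide(request: Request):
    """Run the request through RULES; returns (status_or_None, log_lines)."""
    log: list = []
    return evaluate_module(RULES, request, log), log


class RateLimiter:
    """Sliding-window limiter: at most `limit` requests per `period` seconds
    for each key (the key would be the client IP or another request property)."""
    def __init__(self, limit: int, period: float):
        self.limit, self.period = limit, period
        self.hits = defaultdict(deque)

    def allow(self, key: str, now: float) -> bool:
        window = self.hits[key]
        while window and now - window[0] >= self.period:
            window.popleft()          # drop hits that have aged out of the window
        if len(window) >= self.limit:
            return False              # over the limit: a real WAF returns its configured response
        window.append(now)
        return True


if __name__ == "__main__":
    print(decide(Request("203.0.113.5", "/healthz", {})))       # (None, [...]) allowed before the block rule
    print(decide(Request("192.0.2.1", "/admin/users", {})))     # (401, [...]) after the CHECK rule logged
    limiter = RateLimiter(limit=3, period=10)
    print([limiter.allow("192.0.2.1", t) for t in (0, 1, 2, 3, 10)])  # [True, True, True, False, True]
```

The point to take from the model is the effect of rule order: because Allow skips the rest of the module, an Allow rule placed ahead of a block rule exempts whatever it matches from that block, so a health-check or partner exemption must be written narrowly enough that it cannot be triggered by arbitrary client input.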
Authentication and Authorization
Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).
An administrator in your organization needs to set up groups, compartments, and policies that control which users can access which services, which resources, and the type of access. These policies control who can create users, create and manage the cloud network, launch instances, create buckets, download objects, and similar tasks. For more information, see Getting Started with Policies. For specific details about writing policies for each of the different services, see Policy Reference.
If you’re a regular user (not an administrator) who needs to use the Oracle Cloud Infrastructure resources that your company owns, contact your administrator to set up a user ID for you. The administrator can confirm which compartment or compartments you should be using.
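As an added illustration, not taken from this page, the following policy statements in the IAM policy language split WAF duties along least-privilege lines: one group manages WAF resources, another can only read them. The group and compartment names are placeholders, and the `web-app-firewall-family` aggregate resource type is an assumption to be confirmed against the WAF entry in the Policy Reference before use.

```text
Allow group WafAdmins to manage web-app-firewall-family in compartment Prod
Allow group WafAuditors to read web-app-firewall-family in compartment Prod
```

Granting `manage` only to the administrator group keeps rule changes, which directly alter what traffic reaches the origin, behind the same change control as the rest of the edge configuration.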
Tagging Resources
You can apply tags to your resources to help you organize them according to your business needs. You can apply tags at the time you create a resource, or you can update the resource later with the desired tags. For general information about applying tags, see Resource Tags.