Behavioral WAF

The Web Application and API Protection (WAAP) includes a Behavioral WAF policy group that helps prevent malicious attacks on your websites. The policy group contains a set of sophisticated user behavior and reputation analysis policies that inspect traffic and defend your website against threats such as spamming or brute force attacks.

This policy group is available in the Pro and Enterprise plans.

Configure policy group

You can review the Behavioral WAF policy group and enable or disable its policies in the Gcore Customer Portal:

1. Navigate to WAAP > Domains.

Domains page in the Customer Portal

2. Find the domain where you want to configure the policy and click the domain name to open it.

3. On the Policies page that opens, click Behavioral WAF to expand the section and adjust the policies.

WAF policies page with the highlighted Behavioral WAF policy

All Behavioral WAF policies are enabled by default. To disable a policy, use the toggle next to that policy.

Anti-spam

Use CAPTCHA and JavaScript validation when user activity during a session suggests aggressive use of forms, for instance to generate new accounts or post spam content.

Probing and forced browsing

Use CAPTCHA and JavaScript validation to challenge brute-forced requests on random URLs, which might aim to discover your web application’s structure and hidden directories. Requests that fail to pass the validation will be blocked.

Obfuscated attacks and zero-day mitigation

Block clients that perform multiple injection attacks.

Repeated violations

Present a CAPTCHA to clients that failed to answer a previously displayed challenge, or block them. Requests that fail to pass the validation will be blocked.

Brute-force protection

Present users with CAPTCHA when there’s an attempt to guess usernames and passwords on web login forms. If the client fails to pass the validation after a few attempts, the request will be blocked.
