Skip to content

Managing the firewall

The web application firewall that is provided by Quant uses industry best practices as a starting position to help you portect your origin servers.

This configuration makes attempts to account for various types of common usage patterns — however it will not take into consideration architecture decisions that have been made for your application.

When enabling the WAF you need to ensure that you can identify blocks and add exceptions. This will allow you to tune the WAF to meet your requirements.

Identifying breaches

When the WAF blocks a request it will create a log message identifying which rule has been breached. These logs can be accessed from your Quant Dashboard.

Quant WAF logs

Each log entry will include the following information:

FieldExampleDescription
IP Address10.0.0.1The requests originating IP address
LocationAUThe geolocation of the IP address
TypewafWhich type of block was triggered
ModereportThe mode that the WAF was operatiing in when triggered
Rule ID93210The ruleset rule id that triggered the block
Domaintest.comThe domain that triggered the WAF
URL/homeThe URL path that was restricted
MethodGETThe request method that was used
User agentpython-requestsThe user agent of the connecting client

The logs can be used when tuning the WAF and the request details can be used in the configuration of the WAF rule to allow/disallow the request pattern.