Firewall protects your website from various malicious bots, brute force attacks, SQL injections, path traversal attacks, DOS attacks and many other known types of attacks.
WAF Learning Mode
WebTotem Firewall is based on the AI, therefore, it needs some learning time to protect your web-resource to the fullest. In most cases, the learning process takes up to two days.
We built WAF in a way that you can see everything that triggers it on your dashboard. However, not everything that triggers WAF can be classified as an attack. Our AI goes through the triggers’ causes and decides whether to block them. Doing so, we ensure that there are no "false positives" and no harm to your website has been made. However, if you feel the urge to take action, you can use our blacklisting feature to stop any given IP from accessing your website.
WAF settings allow you to control the configuration of the advanced tools.
GDN (Global Defense Network)
GDN technology implies protection of all systems that are in one global network. If you enable GDN, a user, who is blacklisted by another site, will not have access to your site. With this option, you can protect your site from potential hackers and bots even before they start attacking your site.
Our WAF prevents DoS attacks. A denial-of-service (DoS) attack is a type of a cyber attack, in which a malicious party aims to make your site unavailable to its intended users by interrupting the site’s normal functioning.
In the WAF settings you can set properties for the DoS protection feature by typing the number of authorized requests per minute (from 500 to 10000 requests).
Brute force attacks are also in our WAF's scope of work. In the WAF settings you can limit accessible login attempts per minute (from 5 to 30 attempts).
Set your own WAF rules by allowing or denying access to your website to certain IP addresses in the WAF settings. You can add both IPv4 and IPv6. Moreover, you can add a family of IP addresses at once. You can do this in two ways:
- Using a wildcard. For example: 192.168.1.* (the set of all IP addresses, where the last number of the IP address can take any value from 0 to 255)
- With diapasons. For example: 192.168.1.1-192.168.1.10 (the set of all IP addresses that fall into this range)
423 access denied 423 code with access denial means that there were too many suspicious requests from one IP address.
If you are a web application admin or the owner, please add your IP to the allow list. To do so, proceed to your firewall page in the WebTotem dashboard, find settings and click the advanced options, where you can find the allow list feature.
If, for any reason, you did not succeed, you can turn off the firewall completely, by clicking the Settings on the right corner of your All stats page.