¶ Firewall
The Firewall protects your website from various malicious bots, brute force attacks, SQL injections, path traversal attacks, DOS attacks, and many other known types of attacks.
¶ WAF Learning Mode
The WebTotem Firewall is based on AI, which requires some learning time to protect your web-resource to the fullest. Typically, the learning process takes up to two days.
We designed the WAF so that you can see everything that triggers it on your dashboard. However, not everything that triggers the WAF is classified as an attack. Our AI analyzes the triggers' causes and decides whether to block them, ensuring there are no “false positives” and no harm to your website has been done. If necessary, you can use our blacklisting feature to block any given IP from accessing your website.
¶ WAF settings
WAF settings allow you to control the configuration of the advanced tools.
¶ GDN (Global Defense Network)
GDN technology implies protection of all systems that are in one global network. If you enable GDN, a user blacklisted by another site will not have access to your site. With this option, you can protect your site from potential hackers and bots even before they start attacking your site.
¶ DoS Protection
Our WAF prevents DoS attacks. A denial-of-service (DoS) attack is a type of a cyber attack, in which a malicious party aims to make your site unavailable to its intended users by interrupting the site’s normal functioning.
In the WAF settings you can set properties for the DoS protection feature by typing the number of authorized requests per minute (from 500 to 10000 requests).
¶ Login Attempts
Brute force attacks are within the scope of our WAF. In the WAF settings, you can limit accessible login attempts per minute (from 5 to 30 attempts).
¶ Allow/Deny Lists
You can set your own WAF rules by allowing or denying access to your website to certain IP addresses in the WAF settings. Both IPv4 and IPv6 addresses can be added. Moreover, you can add a family of IP addresses at once. You can add a range of IP addresses using two methods:
- Using a wildcard: For example, 192.168.1.* (all IP addresses where the last number can be from 0 to 255).
- Using ranges: For example, 192.168.1.1-192.168.1.10 (all IP addresses within this range).
¶ 423 access denied
The 423 access denied code indicates too many suspicious requests from one IP address.
If you are a web application admin or the owner, please add your IP to the allow list. To do so, go to your firewall page in the WebTotem dashboard, find settings, and click the advanced options where you can find the allow list feature.
If, for any reason, you did not succeed, you can turn off the firewall completely, by clicking the Settings on the right corner of your All stats page.
¶ Country Blocking
To block requests from specific regions, go to the WAF settings and click the "Block countries" button.
Select the countries you want to block and click “SAVE.”
After this, all requests to your site from the selected regions will be blocked.
