Home > Operation and Maintenance > Safety > How to deploy Web Application Firewall JXWAF

How to deploy Web Application Firewall JXWAF

WBOY
Release: 2023-05-29 16:47:16
forward
1378 people have browsed it

JXWAFOverview

JXWAF is an open source web application firewall that can be used to protect against SQL injection vulnerabilities, XSS vulnerabilities, command execution breaches, etc. Common OWASP attacks, CC attacks, etc., to avoid website data leakage and ensure website availability and security.

Functional features

1. Web application attack protection

Based on semantic recognition protection engine to defend against SQL injection, XSS attack, Webshell addition, Directory traversal extensions, command injection, scan protection, and more.

2. Intelligent protection against CC attacks

Controls the access frequency of a single source IP and provides comprehensive protection based on the number of accesses per unit time. The human-machine recognition algorithm specially developed for CC attack protection can intelligently switch protection modes according to business load, and is especially suitable for protecting against massive IP slow request attacks. By realizing automatic blocking and automatic unblocking, the IP addresses of malicious attacks can be managed without human intervention, which can effectively reduce operating costs.

3. Custom rule protection

Supports condition combinations of commonly used HTTP segments such as IP, URL, BODY, User-Agent, etc., and supports protection scenarios such as hotlink protection and website background protection.

4. IP black and white list

The difference between quickly adding a black and white list and adding an IP black and white list for custom rule protection is that the IP black and white list can be added in large quantities through hash matching, and has basically no impact on performance. Influence.

5. Regional ban

Banning is based on the country or region to which the IP belongs.

6. Interception page customization

You can customize the page to improve user experience.

Application Scenario

JXWAF is developed based on openresty (nginx lua) and supports cloud native deployment. Users can deploy JXWAF to Alibaba Cloud, Tencent Cloud or a server in a self-built computer room, that is, it can be used independently Deployment, you can also utilize the deployment, and use load balancing or dns to build a private cloud WAF deployment. Supports protection of HTTP, HTTPS, and HTTP2 traffic of the website, and supports deployment, embedded deployment, cloud WAF deployment, and partition deployment.

JXWAF can help you solve the following problems:

Prevent data leakage and avoid core data of the website caused by injection expansion, command execution interruption, etc. offset. CC attack protection, blocks malicious requests and ensures website availability. Business security protection.

Step1:Install environment dependencies

How to deploy Web Application Firewall JXWAF

Step2:Download openresty

How to deploy Web Application Firewall JXWAF

Step3:Unzip openresty

How to deploy Web Application Firewall JXWAF

Step4:Switch to the openresty directory and view

How to deploy Web Application Firewall JXWAF

#Step5:Compile and install openresty

How to deploy Web Application Firewall JXWAF

# #Step6:Compile and install

How to deploy Web Application Firewall JXWAF

##Step7:

Edit configuration environment variables

How to deploy Web Application Firewall JXWAF##Step8:

Add configuration environment variables

How to deploy Web Application Firewall JXWAFStep9:

Effective immediately

How to deploy Web Application Firewall JXWAF##Step10:WAF

Download

##Step11:How to deploy Web Application Firewall JXWAFSwitch to Under the jxwaf directory

Step12:How to deploy Web Application Firewall JXWAFGive running permission

Step13:How to deploy Web Application Firewall JXWAFRun install.waf.sh installation script

How to deploy Web Application Firewall JXWAF

Step14:Openwww.jxwaf.comClick to log in, Then click Register and fill in the electronic fuel tank and picture verification code

How to deploy Web Application Firewall JXWAF

Step15:Fill in your email and password , and the verification code of the receiving email address

How to deploy Web Application Firewall JXWAF

##Step16:Registration successful

How to deploy Web Application Firewall JXWAF

Step17:Use the registered account to log in to the backend, Copy the api and email verification codes separately .

How to deploy Web Application Firewall JXWAF

##Step18:

Switch to the tools directory

How to deploy Web Application Firewall JXWAF

Step19:

Configure the api key value and api password value

How to deploy Web Application Firewall JXWAF

Step20:

Run nginx

How to deploy Web Application Firewall JXWAF##S

tep21:Enter the background to add the website domain name or IP address

How to deploy Web Application Firewall JXWAF##Step22:

The protection rules have been added and the necessary protection strategies can be enabled as needed.

##Through personal experience, installation and deployment on the local client, you first need to install the dependent installation package and web server nginx support, because this application firewall There are many modules that require their linkage. JXWAF is configured through the console or a script in the tools directory. Start openresty to reload the jxwaf management center to pull the latest rules configured by the user to complete the entire website protection process. How to deploy Web Application Firewall JXWAF

The above is the detailed content of How to deploy Web Application Firewall JXWAF. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template