/
HOW TO USE WAF ON THE HI GIO PORTAL

HOW TO USE WAF ON THE HI GIO PORTAL

Owned by Tran Dai Quan
Jan 06, 2025
4 min read

Overview

This document guides how to use WAF on the HI GIO Portal to protect your virtual services from attacks and to proactively prevent threats.

  1. Configure Allowlist Rules for a Virtual Service

  2. Edit the WAF Signatures for a Virtual Service

Procedure

  1. 1. Configure Allowlist Rules for a Virtual Service

You can use the allowlist functionality to define match conditions and associated actions for the WAF to perform when processing a request.

Step 1: Log in to the HI GIO portal, select Networking > Edge Gateways > Select Edge Gateway name from the primary left navigation panel.

image-20250106-032538.png

Step 2: Select Virtual Services > Click the virtual service name on the Load Balancer menu.

image-20250106-033241.png

Step 3: Select the WAF tab > Allowlist Rules > NEW to create a new rule.

Step 4: Enter the rule name > To activate the rule upon creation, turn on the Active

toggle > Select match criteria > Select an action to apply upon a match > Add.

Match Criteria

Description

Match Criteria

Description

Client IP Address

  1. Select Is or Is Not to indicate whether to perform an action if the client IP matches or doesn't match the value that you enter.

  2. Enter an IPv4 address, or an IPv6 address, or a range, or a CIDR notation.

  3. (Optional) To add more IP addresses, click Add IP.

HTTP Method

  1. Select Is or Is Not to indicate whether to perform an action if the HTTP method matches or doesn't match the value that you enter.

  2. From the drop-down menu, select one or more HTTP methods.

Path

  1. Enter a path string.

  1. (Optional) To add more paths, click Add Path.

Host Header

  1. Select a criterion for the host header.

  2. Enter a value for the header.

Actions

Description

Actions

Description

Bypass

The WAF does not execute any further rules and the request is allowed.

Continue

Stops the allowlist execution and proceeds with WAF signature evaluation.

Detection Mode

The WAF evaluates and processes the incoming request, but does not perform a blocking action. A log entry is created when the request is flagged.

  1. 2. Edit the WAF Signatures for a Virtual Service

Step 1: In the WAF tab, under the General section > click EDIT to edit the WAF configuration

Step 2: Edit WAF general settings

Settings

 

Settings

 

WAF State

Active/Deactive

Mode

  • Detection: In this mode, WAF policy will evaluate the incoming request. A log entry is created when this request is flagged.

  • Enforcement: In this mode, WAF policy will evaluate and block the request based on the specified rules.

Step 3: In the WAF tab, under Signature Groups section, you can see the signature groups that are included in your WAF policy. You can see if they are actively in use or not. You can also see the number or the rules in each group that are active and the number of rules that have been overriden manually.

Step 4: Under Signature Groups, click the expand button on the left of the signature group that you want to edit.

Step 5: To edit the signatures of a group, click Edit Signatures and select an action > SAVE.