The “Web Application Firewall” (WAF) module is located in “Security” menu. This module is tracking and conditionally blocking all HTTP/HTTPS incoming and outgoing traffic from web-application, installed on ICS CUBE or inside of the local network. By HTTP/HTTPS traffic analysis, WAF can prevent attacks, based on known security shortcomings in Web-applications, like: SQL injections, inter-site scripting (XSS), files execution, misconfigured security.
In the module you can see summary of all system messages of the module with timestamps.
The log is divided into pages, you can navigate through it using “next” and “previous” buttons, or you can enter the number of the page you need. The log messages are coloured depending on theirs type. Usual system messages are white, system condition messages (turned on/off) are green, warnings are yellow and errors are red.
In the right top corner of the module there is a search line. And also there is an opportunity of choosing a period of log to be shown. By default log is shown for the current day. If necessary, you can save the log to a file, using the “Export” button, or delete the log data for a certain period, using the “Delete logs” button.
To turn the filtering on or off, you need to check the corresponding box when adding or editing a Virtual host / Virtual host with reverse proxy), placed into the “Fileserver” menu - “Web” - “Web resources” tab. It should be noted that the web-server should be up and running.