Web App Firewall service actions

Security Insight

Web and web service applications that are exposed to the Internet have become increasingly vulnerable to attacks. To protect applications from attack, you need visibility into the nature and extent of past, present, and impending threats, actionable data on attacks, and recommendations on countermeasures. Security Insight provides a single-pane solution to help you assess your application security status and take corrective actions to secure your applications. Security Insight is an intuitive dashboard-based security analytics solution that gives you full visibility into the threat environment associated with your applications. You can view reports based on Application Firewall profile settings by using the Security Insight option in the Action menu of the Citrix Web App Firewall service GUI.

Security Insight profile settings

SSL certificate and keys

An SSL certificate, which is a part of any SSL transaction, is a digital data form (X509) that identifies a company (domain) or an individual. The certificate has a public key component that is visible to any client that wants to initiate a secure transaction with the server. The corresponding private key, which resides securely on the Citrix ADC appliance, is used to complete asymmetric key (or public key) encryption and decryption.

You can obtain an SSL certificate and key in either of the following ways:

  • From an authorized certificate authority (CA), such as Verisign.
  • By generating a new SSL certificate and key on the Citrix ADC appliance

Alternately, you can use an existing SSL certificate on the appliance.


Citrix recommends you to use certificates obtained from authorized CAs, such as VeriSign for all SSL transactions. Certificates generated on the appliance must be used for testing purposes only and not for live deployments.

SSL certificate and keys for secure transaction

HTML error pages

You can import HTML error objects to the application firewall by using the configuration utility. You can edit these files in a web-based text area after importing them instead of editing it on your computer and then reimport them. Finally, you can export any of these files to your computer, or delete any of these files, by using the configuration utility.

To add HTML error pages:

Add HTML error pages


The application firewall signatures function provides specific, configurable rules to simplify the task of protecting your websites against known attacks. A signature represents a pattern that is a component of a known attack on an operating system, web server, websites, XML-based web service, or other resource.

Citrix Web App Firewall signatures

Web App Firewall service actions