Web App Firewall service actions
Web and web service applications that are exposed to the Internet have become increasingly vulnerable to attacks. To protect applications from attack, you need visibility into the nature and extent of past, present, and impending threats, actionable data on attacks, and recommendations on countermeasures. Security Insight provides a single-pane solution to help you assess your application security status and take corrective actions to secure your applications. Security Insight is an intuitive dashboard-based security analytics solution that gives you full visibility into the threat environment associated with your applications. You can view reports based on Application Firewall profile settings by using the Security Insight option in the Action menu of the Citrix Web App Firewall service GUI.
SSL certificate and keys
An SSL certificate, which is a part of any SSL transaction, is a digital data form (X509) that identifies a company (domain) or an individual. The certificate has a public key component that is visible to any client that wants to initiate a secure transaction with the server. The corresponding private key, which resides securely on the Citrix ADC appliance, is used to complete asymmetric key (or public key) encryption and decryption.
You can obtain an SSL certificate and key in either of the following ways:
- From an authorized certificate authority (CA), such as
- By generating a new SSL certificate and key on the Citrix ADC appliance
Alternately, you can use an existing SSL certificate on the appliance.
Citrix recommends you to use certificates obtained from authorized CAs, such as
VeriSignfor all SSL transactions. Certificates generated on the appliance must be used for testing purposes only and not for live deployments.
HTML error pages
You can import HTML error objects to the application firewall by using the configuration utility. You can edit these files in a web-based text area after importing them instead of editing it on your computer and then reimport them. Finally, you can export any of these files to your computer, or delete any of these files, by using the configuration utility.
To add HTML error pages:
The application firewall signatures function provides specific, configurable rules to simplify the task of protecting your websites against known attacks. A signature represents a pattern that is a component of a known attack on an operating system, web server, websites, XML-based web service, or other resource.