Challenge 4 - Task 4 of 6
Configure Web Application Firewall to Protect Web Server Against XSS Attack
Scenario
You have to protect web applications hosted on OCI from cross-site scripting (XSS) attacks. You can use the OCI Web Application Firewall (WAF) capabilities to create rules that compare against incoming requests to determine if the request contains an XSS attack payload. If a request is determined to be an attack, WAF should return the HTTP Service Unavailable (503) error.
To ensure that the configured WAF blocks the XSS attack, run the following script:[http:// /index.html? ) To complete this deployment, you have to perform the following tasks in the environment provisioned for you: Configure a Virtual Cloud Network (VCN) Create a Compute Instance and install the Web Server Create a Load Balancer and update Security List Create a WAF policy Configure Protection Rules against XSS attacks Verify the created environment against XSS attacks Note:You are provided with access to an OCI Tenancy, an assigned compartment, and OCI credentials. Throughout your exam, ensure to use the assigned Compartment 99233424-C01 and Region us-ashburn-1. Complete the following task in the provisioned OCI environment: Create a WAF policy with the nameIAD-SP-PBT-WAF-01_99233424-lab.user01 Eg: IAD-SP-PBT-WAF-01_99232403-lab.user02 SOLUTION: From the navigation menu, select Identity & Security. Navigate to Web Application Firewall and click Policies under it. From the left navigation pane, under List Scope, select <your working compartment> from the drop-down menu. Click Create WAF Policy. The Create WAF Policy dialogue box appears. Creating a WAF policy consists of the following sections accessible from the left-side navigation: a) Basic information b) Access control c) Rate limiting d) Protections e) Select enforcement point f) Review and create. In the Basic Information section: a) Name: IAD-SP-PBT-WAF-01_99233424-lab.user01 b) WAF Policy Compartment: Select your working compartment c) Action: Keep the default preconfigured actions; do not edit. d) Click the Select enforcement point section accessible from the left-side navigation. Note: You will configure the other section later in this practice. You will directly configure the Enforcement point. In the Select enforcement point section:a) Add Firewalls: Select a load balancer IAD-SP-PBT-LB-01 in your current compartment from the list. b) Click Next for Review and Create. Under the Review and Create Section:a) Verify the enforcement point added in the previous step. Click Create WAF Policy. The Create WAF Policy dialogue box closes, and you are returned to the WAF Policy page. The WAF policy you created is listed.
Karon
6 months agoNguyet
6 months agoWillodean
6 months agoAdelina
6 months agoLynelle
6 months agoElsa
6 months agoEmilio
6 months agoAlonzo
7 months agoElsa
7 months agoEmilio
7 months agoAlonzo
7 months ago