
Q&A: What Information Does Silverline WAF Team Need to Configure CSRF Protection?

Question

Silverline WAF policy has a setting to enable CSRF protection, and as a customer I would like to implement CSRF protection.

  • What information do we need to provide to Silverline SOC to get CSRF protection enabled/configured?


Environment

  • Silverline WAF
  • WAF policy/policies
    • CSRF protection


Answer

  • Silverline does support CSRF protection via the WAF policy. There are two related modules:
    • CSRF attack detected - ensures that a request is legitimate and originates from the web application itself, not from a clicked link or from malicious HTML or JavaScript embedded in another web application.
    • CSRF authentication expired - an expiration time is set for the CSRF token; when the token expires, the WAF policy raises a violation.
  • To configure CSRF protection, please provide the following:
    1. The WAF policy or policies on which you want CSRF protection enabled.
    2. The "Origin Name", whether to "Include Sub-Domains", and the "Allowed methods".
    3. Which module(s) you want enabled: CSRF attack detected, CSRF authentication expired, or both.
      • To configure CSRF attack detected, please provide the URIs on which you want CSRF protection enforced.
        • Explicit URIs and wildcard URIs are both supported. Valid examples include:
          • /login
          • /index.html
          • *
          • /mailbox*
      • The CSRF authentication expired module does not work if the CSRF module is not enabled.
        • To enable this feature, state how long the token should remain valid. By default, we set it to 600 seconds (10 minutes).
      • Finally, do you want the module(s) in Alarm or Blocking mode?
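As an added illustration (not Silverline's code or documentation), the following Python model shows how the settings requested above fit together: the protected-URI list with explicit and wildcard entries, the two modules, the token validity period and the Alarm/Blocking choice. Only the module names, the example URIs and the 600-second default come from this article; the prefix-wildcard matching, the "no valid token" check and the shape of the decision are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed model of the two Silverline CSRF modules and the inputs the
# article asks for. Module names and the 600-second default come from the
# article; the matching and decision logic below is an assumption.

@dataclass
class CsrfPolicy:
    protected_uris: List[str]            # explicit ("/login") or wildcard ("/mailbox*", "*")
    attack_module: bool = True           # "CSRF attack detected"
    expiry_module: bool = True           # "CSRF authentication expired"
    token_validity_seconds: int = 600    # article default: 600 s (10 minutes)
    blocking: bool = True                # True = Blocking, False = Alarm (log only)

def uri_is_protected(policy: CsrfPolicy, uri: str) -> bool:
    """A trailing '*' is treated as a prefix wildcard; anything else is an exact match."""
    for pattern in policy.protected_uris:
        if pattern.endswith("*"):
            if uri.startswith(pattern[:-1]):
                return True
        elif uri == pattern:
            return True
    return False

def evaluate(policy: CsrfPolicy, uri: str, token_valid: bool,
             token_age_seconds: int) -> Tuple[Optional[str], str]:
    """Return (violation_name, action) for one request.

    token_valid: whether the request carried a CSRF token the WAF accepted.
    token_age_seconds: how long ago that token was issued.
    """
    # The expiry module only has an effect when the attack module is enabled,
    # and neither applies to URIs outside the protected list.
    if not policy.attack_module or not uri_is_protected(policy, uri):
        return None, "allow"
    if not token_valid:
        violation = "CSRF attack detected"
    elif policy.expiry_module and token_age_seconds > policy.token_validity_seconds:
        violation = "CSRF authentication expired"
    else:
        return None, "allow"
    # Alarm mode logs the violation but lets the request through; Blocking drops it.
    return violation, ("block" if policy.blocking else "alarm")
```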

