Q&A: What Additional Protection Does Silverline WAF Services Offer Besides the Default Blocking Modules?


What Additional Protection Does Silverline WAF Services Offer?


Default Modules currently in scope of support (WAF Setup: Blocking Phases)

  • Default List includes:
    • Phase 1:
      • Attack Signatures
      • Illegal Status in HTTP Response
      • Illegal Method
      • Illegal URL (if configured, otherwise save for phase 3)
    • Phase 2:
      • Cookie not RFC-Compliant
      • Disallowed File Upload Content Detected
      • Evasion Technique Detected
      • Failed to Convert Character
      • HTTP Protocol Compliance Failed
      • Request Length Exceeds Defined Buffer Size
      • Mandatory HTTP Header is Missing
    • Phase 3:
      • Parameter related violations (when configured)
      • Illegal File Type
      • Illegal Redirection Attempt
      • Modified Domain Cookies
      • Illegal URL (for allowed URLs, when appropriate for the application)
      • Malformed JSON data
      • Malformed XML data



  • Silverline WAF
    • WAF policy/policies



  • The following list of Additional Modules / Configurations are not enabled by default,
  • but they can be enabled in consultation with the SOC and/or in response to specifically identified application protection requirements. 
  • Such modules are transitioned to blocking as agreed between the SOC and the Customer, and they are not considered part of any specific Phase as part of WAF Setup: Blocking Phases.

Additional Modules / Configurations

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request