Apache
Open your Apache configuration file with your favourite text editor. Insert the following lines at the end of the httpd.conf or apache2.conf file. On Debian you can find the configuration file usually at /etc/apache2/httpd.conf or at /etc/apache2/apache2.conf The location of this file is set at compile-time, but may be overridden with the -f command line flag.
You can use the
find / -name 'apache2.conf' -print or with find / -name 'httpd.conf' -print command to find the location of the file. <IfModule remoteip_module>
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy INSERT YOUR IP ADDRESS(ES) HERE
</IfModule>Nginx
If you use Nginx to server your pages then you will need to insert these lines to the Nginx config:
The config file is usually located at /etc/nginx/nginx.conf.
set_real_ip_from 192.168.0.0/16;
set_real_ip_from 127.0.0.0/8;
set_real_ip_from <INSERT YOUR IP ADDRESS(ES) HERE>;Enable the WAF module
Now we can enable the WAF module if it was not enabled yet. You can enable the module from the Dashboard by clicking on the “Show modules” button and then click on the Switch button next to the WAF 2.0 module.
Settings
You can reach the WAF module’s settings by clicking on the Firewall menu point at the top then select the Web Application Firewall menu point.
You can reach the WAF module’s settings by clicking on the Firewall menu point at the top then select the Web Application Firewall menu point.
Lets test WAF.
You can test if the WAF module is working if you add
You can also test the module by following this GUIDE.
You can test if the WAF module is working if you add
/?test=/etc/passwd after one of the domains hosted on the server. e.g.: www.example.com/?test=/etc/passwd It will trigger the WAF module.You can also test the module by following this GUIDE.