I don’t use any control panel

You are here:
Estimated reading time: 1 min

Apache

Open your Apache configuration file with your favourite text editor. Insert the following lines at the end of the httpd.conf or apache2.conf file. On Debian you can find the configuration file usually at /etc/apache2/httpd.conf or at /etc/apache2/apache2.conf The location of this file is set at compile-time, but may be overridden with the -f command line flag.

You can use the find / -name 'apache2.conf' -print or with find / -name 'httpd.conf' -print command to find the location of the file.
<IfModule remoteip_module>
    RemoteIPHeader X-Forwarded-For
    RemoteIPInternalProxy INSERT YOUR IP ADDRESS(ES) HERE
</IfModule>

Nginx

If you use Nginx to server your pages then you will need to insert these lines to the Nginx config:
The config file is usually located at /etc/nginx/nginx.conf.

set_real_ip_from 192.168.0.0/16;
set_real_ip_from 127.0.0.0/8;
set_real_ip_from <INSERT YOUR IP ADDRESS(ES) HERE>;

Enable the WAF module

Now we can enable the WAF module if it was not enabled yet. You can enable the module from the Dashboard by clicking on the “Show modules” button and then click on the Switch button next to the WAF 2.0 module.

Settings

You can reach the WAF module’s settings by clicking on the Firewall menu point at the top then select the Web Application Firewall menu point.
Lets test WAF.

You can test if the WAF module is working if you add /?test=/etc/passwd after one of the domains hosted on the server. e.g.: www.example.com/?test=/etc/passwd It will trigger the WAF module.

You can also test the module by following this GUIDE.

Was this article helpful?
It was not helpful
Views: 572