Firewall & CDN overview

If you need to bypass the Firewall & CDN and send traffic directly to the origin server, you can call the setWafBypass method. The getWafBypass method is used to retrieve the current bypass state of the Firewall & CDN.

Firewall & CDN validates the SSL/TLS certificate installed on the user’s site. You may choose to use a SiteLock-generated SSL/TLS certificate or upload your own certificate. The uploadWafCertificate method uploads the user’s certificate for use with the Firewall & CDN instead of using a SiteLock-generated certificate. The removeWafCertificate method removes the previously uploaded SSL certificate from the Firewall & CDN.

If the Firewall & CDN had been provisioned without SSL, and a SiteLock-generated SSL/TLS certificate was added later, call enableWafSSL to trigger the SSL validation step. To remove the certicate, call disableWafSSL.

The access control list (ACL) rules and exceptions allow you to fine-tune such configuration settings as blacklisted or whitelisted IP addresses and URLS, countries and bots, and many more.

The getWafAclOverview method returns the current ACL for a site. You can retrieve the current Firewall & CDN rules policy, including all available options, using the getWafSettings method. The setWafSettings method updates the Firewall & CDN rules policy.

To retrieve a list of web-based applications and bots that can be blacklisted to prevent access or whitelisted to allow access, call getWafClientAppInfo. To retrieve a list of continents and countries, call getWafGeoInfo.

If you want to manage exceptions to rules, use the addWafException, alterWafException, and removeWafException methods.

The getWafUrlBlacklist, addWafBlacklistUrls, and removeWafBlacklistUrls methods are intended to manage the URL blacklist.

You can manage the geographical blacklist by using the getWafGeoBlacklist, addWafBlacklistGeo, and removeWafBlacklistGeo methods to block or allow visitors from specific countries and continents.

To control a whitelist of IP addresses and allow visitors from particular IP addresses, use getWafIPWhitelist, addWafWhitelistIPs, and removeWafWhitelistIPs. If you need to view or manage blacklisted IPs, call getWafIPBlacklist, addWafBlacklistIPs, and removeWafBlacklistIPs.

Files determined to be malicious backdoors may be automatically quarantined to prevent malicious actions. To obtain a list of quarantined files, use getWafQuarantine. To remove files from quarantine, call removeWafQuarantine.

To obtain traffic statistics for a site, invoke getWafResults. In case you need more details on the traffic, use getWafDetailResults.