What’s New in AppTrana? – A look into The Most Noteworthy WAF Updates In 2020
March 15, 2021
The year 2020 came with a whole new level of security incidents due to the sudden push to acceleration of digital transformation. While the digital assets faced dark trends, we are on the mission to make our web application firewall safer, in the name of maintaining your web apps safe from hackers. As a result, our product AppTrana gains few exciting new updates, making your application security experience even better. This blog will explain the recent significant updates in our WAF product.
1. Block Traffic from TOR IPs
The TOR, an acronym for “The Onion Router” is a system, which enables anonymous communication by masking the IP address of the user through encryption technique and a set of anonymous and private connections. Though TOR has legitimate uses, in practice the traffic from this network is tremendously malicious. Due to its large number of illegal uses, most businesses want to block access from TOR IPs.
Blocking traffics from the TOR network can block attackers from conducting system exploitation using the TOR network. On the other hand, if your site has a minimum risk of fraud, blocking TOR could restrict some legitimate users.
AppTrana WAF has updated a feature called TOR IP setting, which helps the customer to allow or block the traffic coming from TOR IPs.
By default, the TOR IPs are allowed to visit websites; customers have to unselect this option to block the traffic.
2. Customize File Upload
Many hackers try to upload viruses, code, or malware as file attachments while uploading files in form submission. AppTrana took an initiative to defend your network and beat such threats. We have introduced different file upload settings in the WAF profile. Through this, customers can restrict the file uploads to certain formats and defend the application against infected file uploads.
In addition, to allow or deny whether the end-user can upload media files or the documents on their website, they can define the maximum file size to be allowed.
Four options for granting access to files on their website are:
| Option | Action | |
| 1 | Block File Uploads | blocking upload of all files by unselecting Allow File Uploads |
| 2 | Allow All Files | blocking upload of non-document files & non-media files |
| 3 | Allow Documents | blocking upload of non-document files |
| 4 | Allow Media Files | blocking upload of non-media files |
3. Brand-new Email Alert Functionalities
AppTrana WAF is a risk management solution that monitors incoming and outgoing traffics of web applications and sends a notification to the customer when any alerts are triggered. Customers can customize alert rules to define how and when it sends an alert notification. As the alert notification has been inbuilt with the product; it’s time to upgrade to modern infrastructure, which will enable you to receive even better alerts into security events.
Here is the list of email alerts recently introduced in AppTrana:
| Alerts | Description | |
| 1 | SSL Certificate Expiry Alert Emails | SSL Certificate expiry alert email will be sent to all associated users that are administrators, view-only users, and website administrators. |
| 2 | WAF status change Alert Emails | When there is a change in the WAF status for the web application, an alert email will be sent to all users. |
| 3 | WAF Bypass Alert Emails | Whenever WAF is Bypassed or Unbypass, an alert email will be sent to all users. |
4. Updates on Traffic Summary
A new addition to the report section. Our web application firewall’s traffic summary has been enhanced with top 5 country details. WAF Customers can see the top 5 countries from where their web application is being visited. This is in an addition to the top 5 URI and top 5 IP in the traffic summary table. Also, help the customers to identify the most active regions.
By using AppTrana WAF, customers can develop a customized list to handle an automated approach for geographic blocking.
5. WAF Rule Updates
AppTrana’s preconfigured rules are complex rules with a myriad of signatures, compiled from regulatory standards. Along with this, we have added a new set of rules, which not only ensures better protection coverage, but also aids customers to stay on top of the more sophisticated vulnerabilities.
The table depicts examples of few added WAF rules:
| Rule Title | Update | |
| 1 | Improved Cross-site Scripting Attacks | Cross-site scripting attacks category has been improved to provide protection from various advanced cross-scripting attacks such as XSS JavaScript injection, Angular JS client-side injection, HTML injection, attribute injection, and modification of JavaScript global variable. |
| 2 | DoS/DDoS IP Threshold Based Policy v2.0 | This category has improved upon the basic DoS/DDoS protection provided by AppTrana to protect web-application against advanced DDoS attack. |
| 3 | Revamped Bot attacks | Bot Attacks signature has been revamped as well as new bot signatures like crawler and scrapper signatures are added to continuously protect web application from the emerging bot attack. |
As a leading security service company, Indusface strives to enhance and develop new features and aims to remain a company, which can deliver proactive security solutions to contribute to the cyberspace revolution. With these new updates and innovative features, it is possible for our customers to instantly start defending their web applications and servers.
Stay tuned for more product updates. If you want a deep dive into what’s new in our fully managed WAF product, feel free to connect with us.
