Websites

The Service Websites page includes the following sections. Click on the link to go to the corresponding section to learn more:

To go to the documentation for the previous section of the manual, see Dashboards. To go to the documentation for next subsection in the Services section, see Global.

To manage website security profiles, under Services on the left panel, click Websitesto go to the Website Overview page.

To save configuration changes or edits you make to any features and options, you must click Save on the lower-right of the section or page where you are making changes. Click apply changes on the upper-left corner of the page, and then click OK. Your changes will not be stored if you do not properly save your changes.

The Website menu gives access to all configuration options related to website security profile, management, ACL administration, security logging, and settings.

Website lists

Displays the list of configured website security profiles in the system. The list shows the ID, Name, Deploy, Virtual web server, which IP it Listens to, Real web server, Status and current running Mode for each configured proxy.

Selecting a website proxy for management

To manage a configured proxy, click on it in the defined proxies list.

Changing operating mode

In the list of configured website proxies, select an operating mode from the Mode drop-down menu for the website proxy to be changed.

Adding a website

To add a website, under Services on the left panel, click Websites, and then click Add Website.

Virtual web server

Deployment

Drop-down list

The proxy deployment mode.

Valid input

Select option from list

Default value

Reverse Proxy

For a description of the deployment options, see .

Web server protocol

Drop-down list

Select the web server protocol.

HTTP

Standard non-encrypted HTTP site.

HTTPS

SSL/TLS HTTPS website

Both

Create a website that responds to both HTTP and HTTPS requests.

Depending on the deployment architecture, HTTP and Both may not be available in cloud environments.
Web server domain name

Input field

The public address of the web server you want to add a proxy for.

Valid input

A fully qualified domain name

For SSL proxies the string can be no longer than 64 characters due to a limitation in the OpenSSL library when generating the initial self signed certificate.

Input example

www.mydomain.com

Default value

none

For SSL websites that require the domain name to be longer than 64 characters, you can initially use a shorter domain name and then add the real domain name as a virtual host alias when the website is created.
Listen IP

Select combo

The IP address the virtual host is bound to.

Select an IP address, and then click Add or Remove to change the IP address configuration.

Valid input

One or more IP addresses in the select list to the left.

Default value

The IP address(es) configured when creating the website proxy.
HTTP listen port

Input field

The port number the virtual HTTP host is listening to.

Valid input

A valid TCP/IP Port number

Input example

80

Default value

The port number set for the server when created.
HTTPS listen port

Input field

The port number the virtual HTTPS host is listening to.

Valid input

A valid TCP/IP Port number

Input example

443

Default value

The port number set for the server when created.

Real web servers

Real server protocol

Drop-down list

HTTP or HTTPS

Valid input

Options from the drop down list

HTTP or HTTPS

HTTPS is only available if website virtual host is SSL-enabled.

Default value

The protocol initially set when the website proxy was created.
Validate real servers

Check box

When enabled, Alert Logic Managed Web Application Firewall (WAF):

  1. Verifies that the real servers entered respond to requests

  2. Enables health checking with an initial simple configuration

If one or more of the real servers are not reachable WAF returns an error. To disable real server validation, clear this option.

Default: <disabled>
Real server IP

Input field

Hostname or IP address of the web-server(s) WAF is proxying requests for.

Valid input

Fully qualified hostname (FQDN) or IP address.

Input example

web1.mycompany.com

10.10.10.10

Default value

<none>

Port

Input

The port number the real server is listening to.

Valid input

A valid TCP/IP Port number

Default value

80

Role

Drop-down list

Define the servers role in the load balancing set.

Active

The server is operative and accepts requests.

Backup

The server is operative but should only be sent requests if none of the other servers in the load balancing set are available.

Down

The server is nor operative and will not respond to requests.

Default proxy

When enabled, the proxy is used as the default host for requests for the IP address the proxy is configured to listen to. The default proxy responds to all requests for virtual hosts that are not configured as primary host name or as a virtual host for other proxies listening to the same IP address. This way it is possible to configure a single proxy that serves requests for several host names that are served by the same backend web server without having to add all the virtual host names in WAF.

Initial operating mode

Set the initial operating mode for the website proxy. Operating modes are sets of configurations defining what violations to block and what violations to just log. Two configurable and one non-configurable presets are available.

Protect

The Protect mode preset by default blocks and logs all violations according to the access policy.

Detect

In the default Detect mode, preset only logging occurs and no blocking protection is activated. Blocking protection that would occur in Protect is logged and available for review in the deny log. Operating in the default Detect preset is similar to an intrusion detection system, which detects and logs activities, but does not protect or prevent policy violations.

Pass

In Pass mode, all requests are passed through the website proxy. No requests are blocked and no logging is performed. No filters are active in Pass mode, and is not configurable.

Initial operating mode selection is only available in WAF licenses. For load balancer licenses, the operating mode is Pass.

Removing a proxy

In the website overview, click the delete icon () on the right of the website proxy you want to remove.