Data Theft Protection prevents unauthorized disclosure of confidential information, such as social security numbers, credit card information, and errors from web applications like Microsoft and MySQL. To avoid exposing this data, you can choose one of these options:
Block – The entire response page is blocked if it contains a data theft pattern, such as a credit card number.
Cloak – The response page is sent, but matching strings are partially overwritten with Xs, optionally displaying initial or trailing characters. You can see the pattern of the string, but cannot see the full value.
This protection can be applied to all or a portion of your application.
You must add the elements that you want to block or cloak. You can then control the options separately for each type of sensitive data.
Element types include:
Credit cards
Social security numbers
Directory indexing
Errors from Microsoft, Oracle, PHP, Postgres, and MySQL
Configure Data Theft Protection
To apply Data Theft Protection to all or a portion of your application, follow these steps:
From App Profiles, add Form Protection to the desired URL.
In the right-side panel, find Data Theft Protection and click it.
In the Edit data theft protection section:
Status – Set to Enabled.
Exception Patterns – Enter the patterns to be allowed as exceptions that are part of an inbuilt or custom identity theft group. You can add a maximum of 15 patterns. For the predefined list of patterns, refer to the Protecting Against Identity Theft with Barracuda WAF-as-a-Service article.
Click Save.
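The Block and Cloak behaviors and the Exception Patterns setting described above can be illustrated with a small response filter. This is an added example, not Barracuda's implementation: the regular expressions, the Luhn check, the default of four visible trailing digits, the function names and the sample text are all assumptions made for the sketch.

```python
import re

# Candidate patterns (assumed for this sketch, not the WAF's built-in definitions).
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
# Constructed sample response body: test card, sample SSN, ticket id, order id.
SAMPLE = ("card 4111 1111 1111 1111, ssn 078-05-1120, "
          "ticket 900-12-3456, order 1234567890123456")


def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that cannot be card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def cloak(value, keep_start=0, keep_end=4):
    """Overwrite digits with X, keeping the first/last N digits and separators."""
    n = sum(c.isdigit() for c in value)
    out, seen = [], 0
    for c in value:
        seen += c.isdigit()
        hidden = c.isdigit() and keep_start < seen <= n - keep_end
        out.append("X" if hidden else c)
    return "".join(out)


def protect(body, mode="cloak", exceptions=()):
    """Return the filtered body, or None when mode is 'block' and a match is found."""
    allowed = [re.compile(p) for p in exceptions]
    hit = False

    def repl(m):
        nonlocal hit
        s = m.group(0)
        if any(a.fullmatch(s) for a in allowed):
            return s  # exception pattern: pass through unchanged
        if m.re is CARD_RE and not luhn_ok(re.sub(r"\D", "", s)):
            return s  # long digit run that fails Luhn is not treated as a card
        hit = True
        return cloak(s)

    out = SSN_RE.sub(repl, CARD_RE.sub(repl, body))
    return None if (mode == "block" and hit) else out
```

Without an exception, the ticket id in `SAMPLE` is cloaked as if it were a social security number; passing `exceptions=[r"900-\d{2}-\d{4}"]` leaves it readable while the card number and SSN are still masked.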