It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Vulnerability Remediation Service

Understanding Passive Mode and Active Mode

  • Last updated on

The differences between these two modes, and where they are used, can be confusing. This article aims to clarify the differences between the two modes.

Where you can make the settings:

  • In the Barracuda Web Application Firewall, you can configure a service (site) in two modes: Passive Mode and Active Mode
  • In the Barracuda Vulnerability Remediation Service, you can also mitigate a single vulnerability in either Passive Mode or Active Mode .

What the settings mean:

  • In Passive Mode, the Barracuda Web Application Firewall monitors for security violations and logs them, but does not block them. 
Important

In Passive Mode, the Barracuda Web Application Firewall does not secure your application. This mode is intended for temporary testing only.

  • In Active Mode, the Barracuda Web Application Firewall monitors for security violations and blocks them, thereby ensuring they do not reach your server.

Barracuda Networks recommends:

Mitigate vulnerabilities temporarily in Passive Mode, monitor the logs to ensure no issues arise, and then switch them to Active Mode

For more information on the recommended workflow for the Barracuda Vulnerability Remediation Service, see Step 3: Scan and Remediate Vulnerabilities.

Note that both the service (site) and a particular vulnerability mitigation must be in Active Mode to block violations, as shown here:

Setting of Service
(on Barracuda WAF)

Setting for Mitigating Vulnerability
(on Barracuda Vulnerability Mitigation Service) 

Effect

Passive Mode

Passive Mode

Passive Mode

Passive Mode

Active Mode

Passive Mode

Active Mode

Passive Mode

Passive Mode

Active Mode

Active Mode

Active Mode