Follow these steps to configure Barracuda WAF-as-a-Service to protect your web applications. For an overview of the traffic flow you will have created through this process, refer to Understanding Traffic Flow with Barracuda WAF-as-a-Service.
A. Configure Barracuda WAF-as-a-Service
Navigate to https://waas.barracudanetworks.com/ and log in with your Barracuda account credentials.
If you do not already have a Barracuda account, click Free 30-Day Trial to sign up for a trial of WAF-as-a-Service.At the top of the page, select Applications. Then click Add Application.
Websites: Enter a familiar name for the application you want to protect. Then enter all possible DNS domains your users will use to access this service, including different forms, like
www.example.com
andexample.com
. Click Continue.
Endpoints: Select one or more protocols and associated ports that Barracuda WAF-as-a-Service should listen on to protect your application. For HTTP traffic, you can choose if you want to add security by redirecting HTTP traffic to the more secure HTTPS protocol. Click Continue.
Backend Server: Specify the protocol for the backend server – HTTP or HTTPS, then specify its IP address or Hostname and port. This is typically the current IP Address or hostname associated with the DNS domains you entered in step 1.
Click Test Connection to ensure that Barracuda WAF-as-a-Service can connect to the backend server. When you have successfully tested the connection, click Continue.
If the test displays a warning, refer to Backend IP Address Errors for troubleshooting information.Select Mode: Specify whether you want to Monitor or Block malicious traffic. If you are protecting an existing, live application, to minimize site downtime, we recommend you only monitor traffic for about a week before blocking malicious traffic. If you are protecting a new application, you can start blocking malicious traffic immediately. For more information, refer to Understanding Monitor and Block Modes. Click Add.
Change CNAME: Copy the CNAME domain provided so you can update your DNS records through your hosting provider. The CNAME is structured as
app######.prod.cudawaas.com
. After copying the information, click Close.
B. Add CNAME Records
Go to your domain provider’s DNS management portal to add the CNAME record you created in the previous step. Adding the CNAME record will redirect all of your web application traffic to Barracuda WAF-as-a-Service. If you already have a CNAME record for your domain, edit the existing record. If you already have an A record for your domain, delete the A record first, then create the CNAME record.
Reach out to your domain provider directly with any questions.