It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda WAF-as-a-Service

Backend IP Address Errors

  • Last updated on

When you set up Barracuda WAF-as-a-Service to protect your application, you must tell Barracuda Networks where to send traffic after filtering it.

For more information on the Backend IP Address, see Understanding Traffic Flow with Barracuda WAF-as-a-Service.

Backend IP Address Warning

When you try to set or edit the Backend IP Address, you might see a warning that the site, as retrieved from the Backend IP Address, does not match the site as retrieved directly.

To prevent mistakes, Barracuda WAF-as-a-Service attempts to retrieve your site root in two ways:

  • By connecting directly to the Backend IP Address you specified and requesting the site root, using the appropriate Host header for the domain you entered.
  • By looking up the IP address of your site with a DNS query, connecting to the server referenced in DNS, and requesting the site root.

This process is repeated for each domain you entered for your service when setting up Barracuda WAF-as-a-Service.

If you are setting up Barracuda WAF-as-a-Service on a site that already exists, the two methods above should yield the same site, since they are accessing the same application server. If you receive this warning, make sure the Backend IP Address you entered maps to the same application server currently serving the application you are setting up.

If you are setting up Barracuda WAF-as-a-Service on a site that is not yet live, you might receive a warning because the web site is not yet active. This is normal.

Backend IP Address Error

When you set or edit the Backend IP Address, you might see an error that Barracuda Networks cannot connect to the Backend IP Address you have specified.

Barracuda Networks must be able to connect to the Backend IP Address you specify in order to forward traffic after filtering. Check that the address you entered is correct and is accepting connections. Check that the protocol you have selected (HTTP or HTTPS) is correct. If you are using a different port than the standard ports (80 for HTTP; 443 for HTTPS), enter that port in the appropriate box.


Your backend IP address must accept connections from the IP addresses specified in Restricting Direct Traffic.