It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-8)

Email Security Gateway

Forensics & Incident Response

Message Archiver

Cloud Archiving Service

Total Email Protection

CloudGen Firewall

Firewall Insights

Network Access Client

Web Security Gateway

CloudGen Access

Web Security Agent

Web Application Firewall

WAF Control Center

WAF-as-a-Service

Vulnerability Manager

Vulnerability Remediation Service

Active DDoS Prevention

Load Balancer ADC

Cloud Security Guardian

Reporting Server

Firewall Policy Manager

Cloud-to-Cloud Backup

Managed Workplace

Intronis Backup

NextGen Firewall X

Reference / FAQ

TechSummit 2019

Network Security

Barracuda WAF-as-a-Service

Overview Documentation Training Materials

Email Security Gateway

Forensics & Incident Response

Message Archiver

Cloud Archiving Service

Total Email Protection

CloudGen Firewall

Firewall Insights

Network Access Client

Web Security Gateway

CloudGen Access

Web Security Agent

Web Application Firewall

WAF Control Center

WAF-as-a-Service

Vulnerability Manager

Vulnerability Remediation Service

Active DDoS Prevention

Load Balancer ADC

Cloud Security Guardian

Reporting Server

Firewall Policy Manager

Cloud-to-Cloud Backup

Managed Workplace

Intronis Backup

NextGen Firewall X

Reference / FAQ

TechSummit 2019

Network Security

Login Sign Up Contact & Support

United States – English (GMT-8)

Restricting Direct Traffic

Last updated on 2021-01-08 09:38:38

After you set up Barracuda WAF-as-a-Service for one or more of your applications, ensure that users cannot access your application server directly, without going through Barracuda WAF-as-a-Service.

For accounts created on or after November 5, 2019

Barracuda WAF-as-a-Service provides the IP ranges you need to accept.

To locate the IP ranges:

Log into Barracuda WAF-as-a-Service and navigate to Applications.
Click the application name.
In the left panel, select Endpoints.
On the Endpoints page, locate the IP Ranges to Allow section. Click Show IPs, then copy the IP ranges listed.
Configure your application server to accept traffic only from those IP ranges.

For accounts created before November 5, 2019

Configure your application server to accept traffic only from the following Barracuda IP ranges.

64.113.48.0/20
34.228.125.58/32
51.103.8.8/31
52.142.154.84/31

Configuring your Application Server

Consult your application server documentation for specific instructions on this process. Here are links to some application server documentation sets.

Apache HTTP Server documentation
Nginx Web Server documentation
Unix and Linux Iptables

Last updated on 2021-01-08 09:38:38