It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda WAF-as-a-Service


  • Last updated on

Barracuda WAF-as-a-Service automatically creates snapshots of your application configuration so you have a record of it over time. You can also manually create a snapshot whenever you want and also export configuration snapshots as JSON files.

You might use snapshots for the following reasons: 

  • keeping a copy of your configuration for compliance or policy reasons

  • performing a roll back to a previous configuration if there is a problem with recent changes

  • using the configuration for another application  

If needed, you can compare and roll back to any previous configuration. For example, if you or a coworker made a configuration change that is causing problems with your application, you can compare the two configuration versions to see what changed. If needed, you can roll back to the last known configuration that worked. 

Snapshots are a permanent record of your configuration, like log entries. 

Snapshots are stored in GitHub and does not require an admin to configure access for users to use Snapshots. This feature is available for admins who want to access the snapshots via GitHub. For more information, refer to Managing GitHub Access to Snapshots.

Automated Snapshots

Snapshots are automatically created whenever the application configuration is changed, so you have a record of your configuration history and can roll back to a previous version of the configuration, if needed.

To avoid creating an overabundance of snapshots, the system activates the automatic snapshot when you begin making changes and will collect additional configuration changes for about five minutes. At that point, the system creates a new snapshot. If you are still making configuration changes, the system creates another snapshot. It is sometimes possible that an automatic snapshot has "No changes", particularly if you previously took a manual snapshot or imported a configuration

Creating a Snapshot

In addition to the automatically created snapshots, you can create additional snapshots on demand – for example, before changing the configuration so you can roll back to the last known working configuration. 

To create a snapshot, click Create Snapshot Now.

Comparing Snapshots and Viewing Diffs

To see the difference between any two snapshots, select those two snapshots in the Configuration Snapshots table, then click Compare Selected to see the differences. 

To see the differences between a snapshot and the snapshot listed immediately below it in the table, in the Actions column, select Diff  

Exporting a Snapshot

You might export a snapshot of your configuration to keep a record of it for compliance reasons or to use it in configuring a new application. 

To export a configuration, click Export Current Configuration. A JSON file of your current configuration for this application immediately downloads to your default download location.  

Some customers use HashiCorp Vault to store “secrets” such as PKI certificates and private keys and other sensitive data and reference the path to these secrets on the Barracuda WAF-as-a-Service. This is supported with custom container deployments. In case of such a setup, the exported snapshot file will include the referenced secret mount path in the WAF-as-a-Service configuration. Secrets configured as part of the following configuration elements will be part of the exported snapshot file:

  • Endpoint Certificate

  • Endpoint Certificate Private Key

Importing a Snapshot

Import a configuration snapshot into an application if, for example, you are moving from staging to production or using known configuration settings to create a new application. 

To import a configuration snapshot:

  1. Log into Barracuda WAF-as-a-Service and open the target  application.

  2. In the left panel, click Snapshots

  3. In the Import/Export section, click Import Configuration

  4. Select the JSON configuration file you want to import. 

  5. Select the type of import. If the file you are importing does not have configuration information for a component already configured for this application in Barracuda WAF-as-a-Service:

    • Merge – Changes only the new configuration information you are importing, maintaining current values in the existing configuration. In REST API, this operation is known as Patch


    • Delete – Removes any existing custom configuration for this application, resetting all to default values, and then replacing any values with the new configuration you are importing. In REST API, this operation is known as Put.


  6. Click Import

Note that an automatic snapshot will be taken before the import to ensure you can roll back to the application configuration prior to the import operation.

Importing Dependent Values

If you are specifying a configuration that requires more than one value, all of the values must be present and coordinated within your JSON file for a successful import. For example, if you are specifying that you want to use a manual certificate, rather than an automated certificate, you must also provide the certificate itself. If you do not provide both the manual certificate setting along with the certificate, the import will not work and will produce an error. 

Rolling Back to a Previous Configuration


  • Rolling back to a previous version removes configuration updates made after that snapshot was created.

  • If you have made changes within the last five minutes, manually create a snapshot to capture those changes before you perform a rollback.

  • An automatic snapshot will be taken before any rollback to ensure you can roll back to the application configuration prior to the rollback operation.

Before you roll back to a specific configuration, view the snapshot to confirm that it is the correct version. In the Actions column, select View.

When you are certain which configuration to roll back to, in the Actions column for that snapshot, select Rollback. Then confirm that you want to perform the rollback. 

To undo a rollback, locate the most recent, pre-rollback snapshot. Perform a second rollback to that snapshot.