It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda WAF-as-a-Service

Basic Configuration

  • Last updated on

To configure the WAF-as-a-Service Content Delivery Network (CDN) for your application:

  1. Set Enable CDN to On. Within a few minutes, all  domains configured for your application are listed along with the associated TXT keys. Configure your DNS TXT records to match these values. Domains will show a status of Pending until the records are updated, at which point they will show as Approved.
  2. Once all domains are  Approved, you can set Route traffic through CDN to On. This begins the rollout of your application in the CDN network. 
  3. Once rollout is complete, the Enable CDN setting will no longer be active and Block traffic not sent through CDN will become active. Enabling this will ensure all traffic goes through CDN and prevents other routes.  However, doing so immediately could block legitimate traffic that is not routed via CDN yet, so it is a good practice to wait a few hours before blocking direct traffic.
  4. HTTPS Settings are not available for configuration at this time, but will be coming in the near future. 
    • Currently TLS defaults to the most secure option which means traffic must use TLS 1.2 or a more stringent encryption protocol. 
    • Certificates are only available as Automatic at this time, meaning WAF-as-a-Service provides an internal certificate authority. The option to use Custom certificates will be available soon.

Note: WAF-as-a-Service will automatically effect the following configuration changes once CDN is enabled:

  • Increases the Max Number of Headers to a minimum of 40 in the Request Limits policy.
  • Changes the Follow-up with Captcha action on relevant action policies to use reCaptcha instead. reCaptcha will only present human recognition challenges if behavioral analysis suspects the user is a bot.

 


Last updated on