mdamores Lv3 Posted 12 Mar 2024 14:15
  
Hi,

Do you have the configuration below?

1. Identify your login page URI and user identification method (username or IP).
2. Create a WAF policy for the login page URI.
3. Within the policy, configure a brute-force rule with a threshold (e.g., 5 attempts within 1 hour) and a blocking action (e.g., temporary IP block).
4. Consider enabling IP reputation filtering on your NGAF to block malicious IPs.
5. Try to configure rate limiting rules on the WAF policy to further restrict login attempts as an option.
6. Set session timeouts on your web application.


If all else fails, you may consider consulting Sangfor WAF documentation or Sangfor support for specific configuration instructions and available brute-force protection features.
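An added illustration, not part of the post above and not Sangfor configuration: a small Python simulation of the threshold rule from step 3 (5 failed attempts within 1 hour, then a temporary block), replayed over constructed login events. The 30-minute block length and all names are assumptions; running it with both key choices from step 1 shows that keying on username also locks out the legitimate user.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 5                      # failed attempts per window (figure from the post)
WINDOW = timedelta(hours=1)        # counting window (figure from the post)
BLOCK_FOR = timedelta(minutes=30)  # assumed length of the temporary block

# Constructed events: (timestamp, source IP, username, login succeeded?)
SAMPLE = (
    [(f"2024-03-12 12:0{m}:00", "198.51.100.9", "bob", False) for m in range(4)]
    + [("2024-03-12 13:30:00", "198.51.100.9", "bob", False)]   # earlier failures aged out
    + [(f"2024-03-12 14:0{m}:00", "203.0.113.7", "admin", False) for m in range(5)]
    + [("2024-03-12 14:05:00", "203.0.113.7", "admin", True),   # same source, now blocked
       ("2024-03-12 14:06:00", "198.51.100.20", "admin", True)] # legitimate admin login
)

def simulate(events, key="ip"):
    """Replay time-ordered login events and return one decision per event."""
    failures = defaultdict(deque)   # key -> timestamps of recent failures
    blocked_until = {}              # key -> time at which the block expires
    decisions = []
    for ts, ip, user, ok in events:
        now = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        k = ip if key == "ip" else user
        if blocked_until.get(k, datetime.min) > now:
            decisions.append("blocked")
            continue
        if ok:
            decisions.append("allowed")
            continue
        q = failures[k]
        q.append(now)
        while q and now - q[0] > WINDOW:   # drop failures older than the window
            q.popleft()
        if len(q) >= THRESHOLD:
            blocked_until[k] = now + BLOCK_FOR
            q.clear()
            decisions.append("failed+block")
        else:
            decisions.append("failed")
    return decisions

if __name__ == "__main__":
    for mode in ("ip", "user"):
        print(mode, simulate(SAMPLE, key=mode))
```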
