Getting Started: Cyber Security


Once LeaseWeb Cybersecurity is configured and ready, there are a few steps that need to be followed:


Adding/Reviewing web application

You first need to create a new web application. You can also edit web applications that have already been added.

Go to the "Manage Web Apps" sub section in "Manage Company". To add a web application, click the "Add web app" button. To edit a web application, click its "Edit" button.

The following box appears:

Name: Web application name.

Domain name: Web application domain name. It must be a valid domain name and unique across all web applications in the system. It cannot be edited after creation.

CNAME: The CNAME to use in the DNS settings for this web application.

Origin servers: The origin servers for the web application. Each must be a valid IPv4 address or domain name.

Additional domains: Additional domain names must be valid and unique. You can add multiple domains separated by a carriage return / line feed (Enter). Additional domains can also be given as wildcards, e.g. *.mydomain.com

Redirect from base domain: Allows enabling base domain redirects. The most common case is redirecting the apex domain to www, for example mydomain.com to www.mydomain.com

Base domain to redirect from: Enabled only when the 'Redirect from base domain' option is enabled. Sets the base domain to redirect from; it must be part of the web app domain name.

Health checks: Health check settings for the web application: Interval 10 sec, Fail count 2, Rise count 2, Timeout 5 sec.

HTTPS Support: Read-only setting, shown only when SSL is enabled. To enable SSL for your web application, please contact our support.

SPDY Protocol: Allows enabling SPDY protocol support for the web application. Can be enabled only for web applications with SSL support.

Inviting Users

To invite a user, click the "Invite user" button in the "Manage Users" sub section under "Manage Company" in the sidebar.

The "Invite new user" box appears.

You invite users by their email address and can then manage their Web App permissions.

Adding/Reviewing caching rules

Caching improves efficiency by storing frequently used data, so cached content is served from the edge server(s) without having to fetch it from the origin.

You can manage caching rules directly in the Control Center under "Caching Policies / Caching Rules":

This page also displays, and lets you manage, any existing rules you might already have.

It is important to note that rules are applied in the sequence they are added. It is advisable to add the most aggressive rules first to prioritize the caching. A general approach is to add 'do not cache' rules before caching rules.

Click on the "Add rule" button and select the new caching rule type:



Specify URL caching rule settings and defaults:



Specify file caching rule settings and defaults:



Specify never caching URL rule settings and defaults:



Specify never caching file rule settings and defaults:



Often used rules (samples):

  1. Do not cache WordPress admin page:



  2. Cache home page:



  3. Cache static content:



Cache statistics and logs:

Please use the "Caching Policies" page to view Cache Savings, Global Traffic, Hit Ratio, Top Not Cached and other statistics:



Please use the "Caching Policies / Caching Logs" page to view detailed asset caching statistics, including Request Date/Time, Asset, Client IP, Request URL, Cache Status, Country, Browser and OS information.


Setting / Reviewing WAF rules

Go to the "WAF Policies" section.

Next, enable the WAF engine. The WAF rules are separated into the following categories:

To enable the WAF rule(s):

  1. Select the rule(s)
  2. Select the rule mode - Off, Alert only, Block
  3. Click on the 'Save' button

If you're just starting with a new web application, we recommend setting the following categories to 'Alert only' mode:

  1. Generic Attacks
  2. XSS
  3. SQL Injection
  4. Information Leakage


WAF alerts and logs can be reviewed in the 'WAF Logs' sub section under 'WAF Engine':

Please note that WAF logs must be reviewed periodically to identify and address false-positive alerts.