Request Protection

Configure request protection according to actual needs by enabling the relevant modules and adjusting their protection parameters.


1. Request Type Protection

Configure prohibited request types. It is recommended to block: PATCH, TRACE, and others.

In most cases, only GET, POST, HEAD, and OPTIONS request types are used.


2. Sensitive Keywords Blocking

Blocks sensitive keywords in both inbound and outbound server traffic (GZIP-compressed content is supported). Suitable for forums, message boards, blogs, and other websites to prevent illegal information flow.

You can click "Download Keywords" to fetch the blocking keyword library from the cloud.

The keyword library supports ++ and -- rules. For details, visit: http://www.magiaegis.com/supports/defense/161.html


3. Sensitive Keywords Filtering

Filters sensitive keywords in outbound server traffic (GZIP-compressed content is supported). Suitable for forums, message boards, blogs, and other websites to prevent illegal information outflow.

Unlike "Sensitive Keywords Blocking", filtering replaces sensitive keywords with characters (*) instead of blocking the webpage output.

You can also specify replacement keywords yourself, such as replacing "best" with "good" (add best==good to the keyword library), to avoid violating advertising laws!

You can click "Download Keywords" to fetch the filtering keyword library from the cloud.

The keyword library supports ++, --, and == rules. For details, visit: http://www.magiaegis.com/supports/defense/161.html


4. Sensitive Keywords Recording

Monitors sensitive keywords in both inbound and outbound server traffic (GZIP-compressed content is supported). Suitable for scenarios such as hacker intrusion detection and sensitive word monitoring.

The keyword library supports ++ and -- rules. For details, visit: http://www.magiaegis.com/supports/defense/161.html


5. Request Data Snapshot

Records request data for security threat analysis, solving the problem that web servers cannot record POST data.

View the recording results in "Event Logs - Request Snapshots."


6. X-Frame-Options Protection

Configures whether web pages can be nested within frames.

There are three options: DENY (prohibit nesting), SAMEORIGIN (allow nesting within the same domain), and ALLOW-FROM (allow nesting from specified domains).

DENY: Prohibits nesting under any circumstances, including nesting of internal files.

SAMEORIGIN: Only allows nesting by web pages under the same domain. The domain must be identical (domains with and without "www" are different).

ALLOW-FROM: Only allows nesting of web pages from specified domains.


7. Cookie Protection

Sets the HttpOnly attribute on cookies so that JavaScript cannot read cookie information, effectively preventing cookie theft through XSS attacks.

Hackers typically steal cookie information by reading it with JavaScript and then sending it to hacker websites. Therefore, preventing JavaScript from reading cookie information is the best solution.

Note: After enabling this feature, some websites may not be able to log in to the backend. Please enable it with caution.
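
To confirm that the X-Frame-Options and Cookie Protection settings took effect, the response headers can be audited. This is an added example, not code from the product: the sample headers are constructed, and the audit flags ALLOW-FROM because current browsers ignore that value.

```python
# Constructed sample response headers (not captured from a real site).
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "Set-Cookie: sid=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: theme=dark; Path=/\r\n"
    "\r\n"
)

VALID_XFO = ("DENY", "SAMEORIGIN")


def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw header block."""
    pairs = []
    for line in raw.split("\r\n")[1:]:      # skip the status line
        if not line:
            break                           # blank line ends the headers
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def audit(raw):
    """Return findings for the X-Frame-Options and HttpOnly settings."""
    headers = parse_headers(raw)
    findings = []
    xfo = [v for n, v in headers if n == "x-frame-options"]
    if not xfo:
        findings.append("X-Frame-Options missing")
    elif len(xfo) > 1:
        findings.append("X-Frame-Options sent more than once")
    else:
        value = xfo[0].upper()
        if value.startswith("ALLOW-FROM"):
            findings.append("ALLOW-FROM is ignored by current browsers")
        elif value not in VALID_XFO:
            findings.append("X-Frame-Options value not recognised: " + xfo[0])
    for n, v in headers:
        if n != "set-cookie":
            continue
        cookie_name = v.split("=", 1)[0].strip()
        attrs = [a.strip().lower() for a in v.split(";")[1:]]
        if "httponly" not in attrs:
            findings.append("cookie '%s' lacks HttpOnly" % cookie_name)
    return findings
```

A cookie reported here that the site's own JavaScript needs to read is the kind that can break backend login once HttpOnly is forced on it.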

8. File Inclusion Attack Protection

Configures file inclusion rules to effectively prevent file inclusion attacks.
