How to implement WAF (web Application firewall) for outsystems reactive web applications?
Hi @Priya Naveen ,
To implement a Web Application Firewall (WAF) for OutSystems 11 Reactive apps, the setup depends on where your app is hosted.
If you’re on OutSystems Cloud, a managed WAF already protects your environments.
If you’re self-managed (on-prem, Azure, or AWS), place the WAF in front of your web servers (IIS). Use:
Azure Front Door or Application Gateway WAF for Azure.
AWS WAF with CloudFront or ALB for AWS.
NGINX or Apache with ModSecurity (OWASP CRS) for on-prem setups.
ref link:
https://success.outsystems.com/documentation/11/security/web_application_firewall_in_outsystems/
https://success.outsystems.com/documentation/11/security/web_application_firewall_in_outsystems/implementing_a_waf_for_your_applications_on_outsystems_cloud/
Hope this helps.
Regards,
Manish jawla
Hello @Priya Naveen ,Just to add to answer by @Manish Jawla , even if there is already one in OutSystms Clud you can still implement your own WAF:https://success.outsystems.com/documentation/11/security/web_application_firewall_in_outsystems/implementing_a_waf_for_your_applications_on_outsystems_cloud/
Also, depending on what you are doing in your WAF this documentation might also be relevant:https://success.outsystems.com/documentation/how_to_guides/infrastructure/using_outsystems_in_reverse_proxy_scenarios/requirements_to_use_a_reverse_proxy_with_outsystems/