Add a web server
You must create an IP host or FQDN host.
- Go to Web server > Web servers and select Add.
- Enter a name.
Specify the settings.
Option Description Host Server host. You can create or select an IP host or FQDN host.
FQDN hosts are compatible with more servers.
Type Protocol to use for communication between the firewall and the server. You can protect plain text (HTTP) and encrypted (HTTPS) servers. Port Server port. Enter the port number on which to reach the hosted web server. The defaults are port 80 for HTTP and port 443 for HTTPS. You can use the same port (for example, 443) for SSL VPN and WAF. In this case, SSL VPN works on any IP address except the IP address (Hosted address) configured for WAF.
WAF can't share the same port as the user portal. The default user portal port is 443.
Keep alive Keep the connection between the firewall and the web server open instead of opening a new connection for every request.
Check if your web server supports keep alive before turning on this setting.
Timeout Define a connection time-out value, that is, the number of seconds the WAF waits for data sent by, or sent to the real webserver. Values from 1 to 65535 seconds are allowed. Data can be received as long as the web server sends data before the time-out expires. After the time-out expires, the WAF sends an HTTP 502 message to clients. The default time-out is 300 seconds. Disable backend connection pooling Do not reuse old connections from the connection pool and instead create a new connection to the backend server every time it is used.
Turning on this setting may result in decreased performance and is recommended for troubleshooting purposes only.