Here you can enable SlowHTTPSlowHTTP attacks are DoS attacks, in which the attacker sends HTTP requests slowly and in pieces to a Webserver. So the Webserver keeps its resources busy waiting for the data. A DoS is created when the server's concurrent connection pool reaches its maximum. protection and set a timeout for request headers. You can determine the minimum and maximum time limit for request headers and extend the minimal timeout according to the data volume. For example, the soft limit allows at least 10 seconds to receive request headers. The extension rate is 500, the hard limit is set to 30. If the client now sends data, the soft limit timeout increases 1 second for every 500 bytes received. After 30 seconds the client will be disconnected. Please specify the values for your scenario.
Use timeout for request headers: If enabled, the SlowHTTP Protection is activated.
Soft limit: Enter the minimum amount of time to receive the request header.
Hard limit: Enter the maximum amount of time to receive the request header.
Extension rate: Enter the amount of data volume which extends the timeout.
Skipped Networks/Host: Select or add networks/hosts that should not be affected by SlowHTTP Protection.
Select the minimal TLS version that is allowed to connect to the WAF.
Note – If you select TLS version 1.2, clients using old versions of Microsoft Internet Explorer (6, 7 or 8) or Microsoft Windows XP will not be able to connect to the WAF.
If enabled, the proxy protocol is supported. Proxy Protocol is an Internet protocol which carries connection information from the source requesting the connection to the destination for which the connection was requested.
You need to ensure that there is a trusted source of Proxy Protocol information in front of WAF and that all traffic passes through this source. This means, that your WAF should not be connected directly with the Internet. This must be ensured within your network topology.