dotDefender Web Application Firewall Screenshots

The following screenshots illustrate the user interface of Applicure Web Application Firewall

 

dotDefender Console

 

Instantly set overall policies and predefined application rule-sets to provide out-of-the-box protection for Web applications

 

 

Profile
 

Each website is automatically assigned a security profile, with a user-provided description

 

 

Operating Mode
 

Each website profile may use the Default Security Profile as the standard policy, or work in Protection (block) or Monitoring (log only) mode according to individual security policies

 

 

 

Application Rule Set
 

Predefined rule set templates enable rapid deployment of dotDefender with ready-made security policies for common Web applications
 

 

 

SQL Injection – Best Practices
 

Choose which types of SQL Injection attacks to intercept, including user-defined and Best Practices rules
 

 

 

Signatures Knowledgebase
 

Choose known-attack protection signatures, including well-known web-propagated Worms and Bad User Agents

 

 

Session Protection
 

Session Protection limits the load of HTTP requests per user-defined time intervals, per website and per client IP
 

 

 

Advanced Settings
 

Configure sensitive data masking, large request handling, allowed byte values in incoming traffic, cookie protection, and RFC compliance checking
 

 

 

NAT Support
 

Defines server-wide configuration. As shown above, NAT device (reverse-proxy, firewall, load balancer) support is enabled via X-Forwarded-For header parsing. This allows rules to be applied to, and events to be logged against, the original client IP address

 

 

Custom Error Handling

 

Configure the error page, redirection, or response status code for offending users, with variable parameters such as the website administrative contact email address

 

 

Custom Rules

 

Enables creation of rules that will match any custom patterns in any custom locations within the HTTP/S requests

 

 

Log Viewer - Show Attack Events

 

Displays all events under a specific attack category (SQL Injection in this example)


 

Log Viewer – All Sites

 

Displays the current security status of web servers 

 

 

Log Viewer - Filter by Attack Type

 

Displays events filtered by attack categories (IP addresses)

 

 

Log Viewer - Filter by Attack Source

 

Displays events filtered by attack sources (IP addresses)

 

 

Log Viewer - Event Details

 

Displays details of attacks within HTTP/S requests

 

 

Server Masking

 

Server Masking functionality gives control over what information is returned by the server

 

 

Upload Folders filtering

 

This function allows the filtering of files uploaded to the server. You can set the file types allowed as well as validate the content being uploaded

 

 

Code Injection Prevention

 

Remote file inclusion attacks supply external scripts which can be automatically interpreted by the running application, possibly resulting in server compromise. Code injection can result in local OS access, sabotage, theft of data and remote access to the server.