Walter.BOM Namespace
Walter.Web.FireWall Namespace
ASP-WAF Web application firewall for .Net 6, .Net 5, .Net Standard 2.1 and .Net Core 3.x

FireWallGuardActions Enumeration

Enumerable that contains FireWall Guard Module names.

Namespace:  Walter.Web.FireWall.Filters
Assembly:  Walter.Web.FireWall (in Walter.Web.FireWall.dll)

Syntax


public enum FireWallGuardActions

Members


Member nameDescription
None Indicates none set to be ignored or tested depending on the context
RejectKnownBadBoys The reject known bad boys rule
RejectDDOS The reject distributed denial of service request rule
IsBlocked The manual is blocked rule, can be set by any user code by calling the Block() method from the IFirewall instance
RejectNonAspNet The request is a non ASP net request rule
RejectPenetrationAttempts Reject penetration attempts rule
RejectRepeatViolations The reject known bad boys that are causing repeat violations
RejectWrongUserTypeThe reject requests from wrong user category like IsHuman or distinction like IsMalliciouse types rule
RejectWrongProtocol The reject wrong protocol requests rule
RejectAddHockRequests The reject add hock requests rule
EmbeddedResources Embedded resources rule
RejectHitRatioViolations The reject hit ratio violations
RejectRefreshViolations The reject refresh violations rule
RejectScrubbing The reject scrubbing rule
RejectInvalidUserSalt User presented the wrong cipher salt to the response or request
RejectInvalidUserSessionId Reject those that have the wrong firewall session id
RejectInvalidUserPageGroupHeader reject those that have an invalid PageGroup identifier.
RejectCrossSiteRequests Reject access to a resource if not from internal domain or from a domain that is white-listed (protects HttpPost requests)
RejectInvalidUserSessionHeaderId Invalid session header in request
RejectWrongGeography User access from the wrong geographic region
EarlyUserDiscovery early user discovery modules
RejectPhsishing early user discovery modules
RejectSemanticUrlAttack Reject semantic url attacks
RejectAgentsConsideredMalicious Reject requests from browsers and bots that are considered to be Malicious
RejectPoisonedCookies Reject requests where the firewall detects poisoned cookies
RejectIntentions reject a request based on browser intentions
RejectNavigation reject or allow a request based on links rendered to the user
RejectSiteMapViolations Reject access to endpoints that have not been rendered to a previous request
RejectHoneyPotTrap reject users making use of a ^known honey-pot trap
RejectAPIPenetrationAttempts A penetration attempt made against the firewall management API
RejectRejectWhoisProvider Reject requests if the Internet service provider is having the wrong reputation for a user target user group
TCPResetAttack A attempt is make to take the website off-line by flooding the site with connections that will be processed by the server but are never processed by the initiator
RejectCommonVulnerabilitiesExposuresExploits the attack is a common vulnerabilities and exposure
CSPReport The CSP report
ALL Combination of almost all modules that can be disabled
API_ENDPOINT shorthand for the modules that are typically skipped for API endpoints
API_ENDPOINT_LAX shorthand for the modules that are typically skipped for API endpoints where you allow even those that are blocked to access the endpoint
AJAX_ENDPOINT shorthand for the modules that are typically skipped for AJAX script endpoints

Remarks


The even though there are more guard modules that are active,this however is the list of rules that can be managed by means of configuration.