I just setup TWAF along side Varnish on port 80 for a server, when I tested it myself things went fine but everything went haywire as soon as I redirected traffic to it. The pages took forever to load, when they loaded other times just an endless wait. So I removed TWAF from port 80 and everything got better.
My question, which file do I play with for TWAF's apache instance to get it to handle this traffic?
TWAF tweaking
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: TWAF tweaking
What port did you config the TWAF to listen on?
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: TWAF tweaking
Initially I had it set up on port 80
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: TWAF tweaking
Was it also configured on port 80 when you setup a proxy in front of it?
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: TWAF tweaking
I don't follow.
The original setup had Nginx / PHP-FPM on port 8888 and Varnish & TWAF on port 80
The original setup had Nginx / PHP-FPM on port 8888 and Varnish & TWAF on port 80
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: TWAF tweaking
Sorry if I wasnt clear, was the TWAF configured to intercept connections to port 80, and something else was configured to also listen on port 80?
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: TWAF tweaking
Apologies for the late reply.
TWAF and Varnish were running side by side on port 80.
Edit: Would changing settings in the tortixd.conf file at /var/asl/etc/httpd/conf help?
TWAF and Varnish were running side by side on port 80.
Edit: Would changing settings in the tortixd.conf file at /var/asl/etc/httpd/conf help?
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: TWAF tweaking
Sure, all the rules of a standard /etc/httpd/conf/httpd.conf apply there.