We are facing an issue with the functionality of WAF. I’ll try to explain with as much details as possible.
We have a domain (zzzz.com) with two subdomains: xxx.zzzz.com and yyy.zzzz.com. Both subdomains are directed to a protected web server (rules ID:75 and 80 respectively) with a wildcard domain certificate *.zzzz.com.
With both Business Rules active (ID:75 and ID:80), both domains are accessed without any problems but BOTH use rule ID:75 instead of individual rules. (IMG:1)
Domain yyy.zzzz.com should use ID:80 as in the image below: (IMG:2)
With BOTH rules ON, Rule ID:75 is used as in packet capture image (IMG:3):
The issue arises when we switch OFF Rule ID:80. When this happens, the server is no longer accessible, even though when both are ON, ONLY Rule ID:75 is used. (IMG:4)
Even though Packet Capture still sees the traffic coming from ID:75, the browser responds with a “server not found”. (IMG:5)
I am having doubts about what is going on and if it is related to the CERTIFICATE.
On th HELP, this is available:
HTTPS
Select to enable or disable scanning of HTTPS traffic.
HTTPS Certificate (available only if HTTPS is selected)
Select the HTTPS certificate to be used.
Redirect HTTP (available only if HTTPS is selected)
Select to redirect HTTP requests. Thus, users entering the URL without https:// will be redirected automatically to the hosted server.
An HTTP request requires a host header if Redirect HTTP is enabled.
Domains
Enter the FQDN of domains for which the web server is responsible. Wildcards are not allowed.
Examples:
example.com
www.example.com
subdomain.example.com
(If HTTPS is enabled): Domains that are part of the selected HTTPS certificate are automatically available in the Domains box.
The above states that the domain will be added to the domain box if it is HTTPS Certificate, but this functionality is not clear either. Does it mean that only having zzzz.com will be enough for servers or each should be added individually (xxx.zzzz.com and yyy.zzzz.com)?
This thread was automatically locked due to age.