Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 542 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG v18 Disable WAF HTTP trace & track

Dan Williams

Hi

One of our customers has been advised to disable HTTP trace/track as it is identified in a vulnerability scan.

They have asked the question "what is the impact on the firewall operations?" if the change is made.

This is not something I have come across before on an XG.

Would someone be able to explain how this affects the firewall, WAF, is this a global setting or per WAF setting?

Is there also a roll back to re-enable it?

support.sophos.com/.../KB-000038557

Thanks

Dan



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hey Dan, Thanks for reaching out to Sophos Community.

    Yes, these changes will be applied globally and not to any specific WAF Policy.

    To re-enable, You'll have to run the database command again, and instead of 'set trace_enabled=0' you'll need to use 'set trace_enabled=1' and then run the second command from the KB to restart the WAF service.

    Thanks

Reply
  • FormerMember
    0 FormerMember

    Hey Dan, Thanks for reaching out to Sophos Community.

    Yes, these changes will be applied globally and not to any specific WAF Policy.

    To re-enable, You'll have to run the database command again, and instead of 'set trace_enabled=0' you'll need to use 'set trace_enabled=1' and then run the second command from the KB to restart the WAF service.

    Thanks

Children
No Data