Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 803 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF IPS not working with HTTPS requests, only HTTP.

Omar Murad

I have gone through the steps to set up WAF according to the documentation, but I cant seem to get the WAF IPS to work with HTTPS requests. It works perfectly fine with HTTP requests.

Here is my configuration

The certificate is valid for both the www and non-www domains. I have tried both the .pem and .cer versions of the certificate, but the IPS didn't work under either.

How can I get the IPS to function with HTTPS requests?

--EDIT--

My web server is running HTTPS. Am I supposed to run HTTP and let the firewall handle the encryption?



This thread was automatically locked due to age.
Parents
  • +1

    IPS (WAF) never worked while using HTTPS to the web server.

    If you want IPS to work as expected you need to terminate TLS in the WAF and run everything else in plain-text HTTP.*

    *You can let the WAF handle TLS, and send the traffic from the WAF to the web servers through plain-text HTTP.

Reply
  • +1

    IPS (WAF) never worked while using HTTPS to the web server.

    If you want IPS to work as expected you need to terminate TLS in the WAF and run everything else in plain-text HTTP.*

    *You can let the WAF handle TLS, and send the traffic from the WAF to the web servers through plain-text HTTP.

Children