
Generating Cloudflare WAF Rules from Netsparker

The Cloudflare WAF examines HTTP requests to your website. It is a type of reverse proxy, which means the WAF sits in front of your web servers and forwards client requests to them. It inspects each request and applies rules to protect the web application from attacks such as cross-site request forgery (CSRF), cross-site scripting (XSS), file inclusion, and SQL injection.

If you can't immediately fix all the vulnerabilities that Netsparker has detected, you can shield them at the WAF and defer fixing them until later. This is achieved by exporting Netsparker's findings as rules for the Cloudflare WAF.

This topic explains how to configure Netsparker Standard to send a detected vulnerability to Cloudflare WAF.

For further information, see Web Application Firewalls.

Cloudflare WAF Fields

The following lists and describes the Cloudflare WAF fields in the Web Application Firewall tab.

Display Name: The name of the configuration as it will be shown on menus.

Mandatory (fields that must be completed):
  • Access Token: The access token of the Cloudflare user.
  • Zone ID: The identifier of the Cloudflare zone in which the rules are created.

Optional:
  • Allow Regex: When enabled, Netsparker uses regex patterns while creating rules.

How to Configure Cloudflare WAF Rules in Netsparker Standard

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Web Application Firewall.
  4. From the Add dropdown, select Cloudflare. The Cloudflare fields are displayed.
  5. In the Mandatory section, complete the connection details:
    • Access Token
    • Zone ID
  6. In the Optional section you can specify:
    • Allow Regex. This option enables Netsparker to use regex patterns while creating rules.
  7. Click Test Settings to confirm that Netsparker Standard can connect to the configured system and validate the configuration details. The WAF Settings Test dialog is displayed to confirm that the settings have been validated.

How to Generate Cloudflare WAF Rules from Netsparker Standard Scan Results

  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.
  3. In the Issues panel, right-click the vulnerability you want to export and select Cloudflare WAF Rules. (Alternatively, from the ribbon, click the Vulnerability tab, then Cloudflare WAF Rules.) A confirmation message and link are displayed at the bottom of the screen.
  4. Click the "Cloudflare rule is created for the selected vulnerability" link.
  5. The rule is automatically created in the Cloudflare WAF. You can view it in the Firewall Rules tab of the Cloudflare Firewall menu.
  6. To retest the vulnerability from the ribbon in Netsparker Standard, click the Vulnerability tab, then Retest. If the WAF blocks the request, the response status code is 403 Forbidden and Netsparker displays the message: Vulnerability seems to be fixed and removed from the report.

Note that Cloudflare rules cannot match on the request body, so the generated rule blocks on the request method and URL only. As a result, legitimate (non-vulnerable) requests to the same method and URL are also blocked.
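The following is an added illustration, not Netsparker's or Cloudflare's own code: it builds a firewall-rule expression from a finding's method and URL the way the page describes (with or without Allow Regex) and evaluates it locally against constructed sample traffic, so you can see which benign requests a method-plus-URL rule blocks alongside the exploit. The exact text of the rule Netsparker generates is not shown on the page, so the expression shape, the sample finding and the sample traffic are assumptions; `http.request.method` and `http.request.uri.path` are Cloudflare's own expression fields.

```python
import re
from urllib.parse import urlsplit

# Constructed sample finding; a real one comes from the Netsparker Issues panel.
FINDING = {"method": "POST", "url": "https://example.com/search?q=1"}

# Constructed sample traffic: the exploit request and two benign requests on the same path.
TRAFFIC = {
    "exploit":  {"method": "POST", "path": "/search", "body": "q=<payload from finding>"},
    "benign":   {"method": "POST", "path": "/search", "body": "q=shoes"},
    "page_get": {"method": "GET",  "path": "/search", "body": ""},
}

def build_expression(method, url, allow_regex=False):
    """Build a Cloudflare firewall-rule expression from a finding's method and URL.
    Assumption: the page does not show Netsparker's exact rule text; this follows its
    description (method + URL only, regex optional). The body cannot be referenced."""
    path = urlsplit(url).path
    if allow_regex:
        # "matches" is Cloudflare's regex operator (not available on every plan).
        return f'(http.request.method eq "{method}" and http.request.uri.path matches "^{re.escape(path)}$")'
    return f'(http.request.method eq "{method}" and http.request.uri.path eq "{path}")'

EXPR_RE = re.compile(
    r'\(http\.request\.method eq "(\w+)" and http\.request\.uri\.path (eq|matches) "(.*)"\)'
)

def rule_blocks(expression, request):
    """Tiny local evaluator for the two expression shapes above (not Cloudflare's engine).
    Returns True when the WAF would answer 403 Forbidden. The body is never consulted."""
    method, op, value = EXPR_RE.fullmatch(expression).groups()
    if request["method"] != method:
        return False
    if op == "eq":
        return request["path"] == value
    return re.search(value, request["path"]) is not None

def blocked_requests(expression, traffic):
    """Map each sample request to whether the rule blocks it, exposing collateral blocking."""
    return {name: rule_blocks(expression, req) for name, req in traffic.items()}

if __name__ == "__main__":
    expr = build_expression(FINDING["method"], FINDING["url"])
    print(expr)
    for name, blocked in blocked_requests(expr, TRAFFIC).items():
        print(f"{name:9s} -> {'403 Forbidden' if blocked else 'passed through'}")
```

Running it shows the "benign" POST blocked together with the exploit while the GET passes, which is the retest-time side effect the note above describes.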