Here are some recommendations for using VasPatch:

1. Import sample rules wisely
   Import and enable only the sample rules that fit your web application. Enabling rules that are irrelevant to your web application will slow down its response.

2. Do not enable too many rules
   Too many enabled rules will slow down processing. It is recommended not to enable more than 100 rules.

3. Rule conditions should be specific
   If a rule's conditions are too generic, many requests, including normal requests, will match the conditions and filter actions will be performed. This affects the performance of VasPatch. Therefore, a rule's conditions should be specific enough to handle one vulnerability.

4. Verify sample rules and custom rules after enabling them
   It is recommended to verify rules after they are enabled. This ensures that each rule filters or blocks the unwanted requests while all normal requests get through.

5. Change the filtering mode based on necessity
   If your web application has high traffic and you find that responses slow down after VasPatch is deployed, it may be due to a high frequency of attacks against your web application. In that case, you may change the filtering mode in "Global Setting" to "Silent". This stops the logging of requests and improves performance.

6. Check alerts frequently
   If certain rules appear in the alert list frequently, it indicates that the corresponding vulnerabilities are being attacked frequently. It is recommended to fix the issues permanently.
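
Recommendations 3 and 4 can be checked before a rule goes live by replaying labelled requests against its conditions. The following is an added example, not VasPatch code or VasPatch rule syntax: the `Rule` class, both rules and all sample requests are constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """Hypothetical rule model (an assumption, not VasPatch's format)."""
    name: str
    path: str      # regex the request path must match
    param: str     # parameter to inspect; "*" means every parameter
    pattern: str   # regex searched for in the parameter value

    def matches(self, path, params):
        if not re.search(self.path, path):
            return False
        if self.param == "*":
            values = list(params.values())
        else:
            values = [params.get(self.param, "")]
        return any(re.search(self.pattern, v) for v in values)

# Constructed sample requests: (path, parameters, is_unwanted)
SAMPLES = [
    ("/report/view", {"file": "q3-summary.pdf"}, False),
    ("/report/view", {"file": "../../etc/passwd"}, True),
    ("/blog/post", {"body": "see ../images/logo.png"}, False),
    ("/search", {"q": "how does ../ work in a path"}, False),
    ("/report/view", {"file": "annual.pdf", "note": "moved from ../old"}, False),
]

# Generic condition: any path, any parameter.
GENERIC = Rule("any-dotdot", r".*", "*", r"\.\./")
# Specific condition: one endpoint, one parameter, one vulnerability.
SPECIFIC = Rule("report-file-traversal", r"^/report/view$", "file", r"\.\./")

def verify(rule, samples=SAMPLES):
    """Return (false_positives, false_negatives) as lists of request paths."""
    false_pos, false_neg = [], []
    for path, params, unwanted in samples:
        hit = rule.matches(path, params)
        if hit and not unwanted:
            false_pos.append(path)   # normal request would be filtered
        elif unwanted and not hit:
            false_neg.append(path)   # unwanted request would get through
    return false_pos, false_neg

if __name__ == "__main__":
    for rule in (GENERIC, SPECIFIC):
        fp, fn = verify(rule)
        print(f"{rule.name}: false positives={fp} false negatives={fn}")
```

Both rules stop the unwanted request, but only the specific one lets every normal request through; the generic one also triggers filter actions on three normal requests.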