WAF [Web application Firewall] is primarily being used to block any malicious requests or rather, requests from attackers. However, there is a rare possibility of valid request getting blocked – depending on the type of data our customers use and how they send it to our system by means of APIs calls and browser’s requests.
If any of your customer representative reports any abnormal issues pertaining to a block from WAF (see samples below), you can report it to Security team.
We would have to collect and examine the following information.
This is how a sample block looks like (i) from a browser, and (ii) raw response:
(i) Browser:
(ii) Raw response:
HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 331
Expires: XXX
Date: XXX
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don’t have permission to access “http://api-us11.leadsquared.com/v2/LeadManagement.svc/Lead.Create?” on this server.<P>
Reference #XX.4882c31.16290XXXX5.8dcXX6fd
</BODY>
</HTML>
