Bring Your Own License.
1 Confidential | Copyright © 2016 Indusface | All Rights Reserved
TABLE OF CONTENTS
Access Total Application Security – BYOL on AWS Marketplace
Configuring Total Application Security
Adding a Website
Indusface Total Application Security Portal Tour
Profile and Licensing Info
Documents
Logout
Summary
Block Status
DDoS Attacks Blocked
Top 5 Attack Categories
Top 5 Attacks By IPs
Top 5 Attacks By Countries
Top 5 Attacked URIs
Detect
Detected Vulnerabilities
Vulnerabilities Categories
Vulnerabilities details
Scanning and Pen Testing
Protect
Blocked Attacks
Attacks By IP
Attacks By Category
Attacks By URI
Monitor
Attacks By IP
Settings
Web Application IP Address
WAF Status
IPs Blacklisted
IPs Whitelisted
Countries Blacklisted
URIs Whitelisted
Forgot Password
Appendix A: SSL Configuration
Appendix B: Routing Traffic
Access Total Application Security – BYOL on AWS Marketplace
1. Please visit the AWS Marketplace https://aws.amazon.com/marketplace. Look for Total Application Security: Scan,
Pen‐Testing, Managed WAF & DDoS ‐ BYOL page, and click GO.
2. Go through the What is the correct instance type for my website? link under the Resources section to determine the right instance for your website, and then click Continue.
3. Click the 1‐Click Launch tab.
4. In the Software Pricing widget, select Subscription Term and Applicable Instance Type.
5. In the Version widget, select the version 4.1 or latest.
6. In the Region widget, click the Region drop‐down box to select the region to host the AMI. The region determines which subnet and VPC can be used for the AMI.
7. In the EC2 Instance Type widget, select an instance of your choice. Not sure of which instance type to select? We have made an Instance Selection Guide too.
8. Under the VPC Settings widget, do one of the following:
a. Click the VPC drop‐down box to select the VPC ID in which to deploy the instance. The Subnet drop‐down will appear; select the appropriate subnet. To create a new VPC, click Create a VPC.
Note: If the subnet is private, provide NAT router and Gateway details.
b. Click the VPC drop‐down box to select EC2 Classic.
9. Create a Security Group and, in the Security Group widget, select the created security group from the drop‐down.
Note: A security group is a set of firewall rules that control traffic for a particular instance. Click Security Groups for more information.

For HTTP Website    For HTTPS Website    For HTTP & HTTPS websites
HTTP                HTTPS                HTTPS & HTTP
SSH                 SSH                  SSH
Port (8080)         Port (8080)          Port (8080)

Connection Method   Protocol   Port Range   Source (IP or Group)
HTTPS               TCP        443          0.0.0.0/0
HTTP                TCP        80           0.0.0.0/0
Custom TCP Rule     TCP        8080         0.0.0.0/0
SSH                 TCP        22           Source IP to provide SSH access
10. Click the Key Pair drop‐down to select a Key Pair. The Key Pair widget ensures only you have access to the Total Application Security.
11. Click Accept Terms & Launch with 1‐Click.
Note: If you are an existing AWS customer, the button will be labeled as Launch with 1‐Click.
12. A confirmation pop‐up page will appear; follow the on‐screen instructions. Click the AWS Management Console link on the page.
13. The Resources page will appear; click Running Instances.
14. Instances page will appear. Sort by launch timestamp in the table to identify the most recent instance you launched.
15. Under Name column, provide the name for the instances.
16. Make a note of launched Instance ID.
17. In the left navigation pane, under NETWORK & SECURITY, click Elastic IPs to create one static IP for your instance.
18. Click Allocate New Address.
19. Allocate New Address pop‐up will appear. Select one option from the EIP used in drop‐down and then click Yes, Allocate.
20. Allocate New Address pop‐up window will appear with Elastic IP. Click View Elastic IP to see the assigned IP.
21. Allocated Elastic IP will appear. Click Actions, select Associate Address and do one of the following:
a. If it is EC2 environment, enter Instance ID in the Instance text box and then click Associate.
b. If it is VPC environment, enter instance ID/network interface in the Instance/Network Interface text box
and click Associate.
22. In the navigation pane, click Instances. Examine the Status Checks, ensure that the status is changed from Initializing to 2/2 checks passed. Make a note of the Public IP address.
Your AMI has been launched successfully and configured with the Public IP address. The next step is to configure TAS on the AMI instance.
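The security-group table in step 9, turned into a check (an added example, not part of the Indusface guide): the function below compares ingress rules, in the IpPermissions shape returned by the EC2 DescribeSecurityGroups API, with that table. The finding codes, the sample rules and the 203.0.113.x documentation addresses are constructed for illustration.

```python
import ipaddress

# Inbound TCP ports from the guide's security-group table, per website type.
# 8080 is the TAS portal port and 22 is SSH; the table opens 80/443/8080 to
# 0.0.0.0/0 and limits SSH to the source IP that needs access.
REQUIRED_PORTS = {
    "http": {22, 80, 8080},
    "https": {22, 443, 8080},
    "http+https": {22, 80, 443, 8080},
}
SSH_PORT = 22


def _sources(perm):
    """Collect IPv4 and IPv6 CIDR sources from one IpPermissions entry."""
    v4 = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return v4 + v6


def audit_ingress(ip_permissions, site_type):
    """Compare ingress rules with the guide's table.

    Returns a sorted list of (code, detail) findings; an empty list means the
    rules match the table for the given site type.
    """
    required = REQUIRED_PORTS[site_type]
    findings, opened = set(), set()
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto != "tcp":
            # "-1" means every protocol and port; the table lists TCP rules only.
            findings.add(("UNEXPECTED_PROTOCOL", str(proto)))
            continue
        lo, hi = perm["FromPort"], perm["ToPort"]
        opened |= {p for p in required if lo <= p <= hi}
        if lo != hi:
            findings.add(("PORT_RANGE", f"{lo}-{hi}"))
        elif lo not in required:
            findings.add(("EXTRA_PORT", str(lo)))
        if lo <= SSH_PORT <= hi:
            for cidr in _sources(perm):
                net = ipaddress.ip_network(cidr, strict=False)
                if net.prefixlen == 0:
                    findings.add(("SSH_OPEN_TO_WORLD", cidr))
                elif net.num_addresses > 1:
                    findings.add(("SSH_SOURCE_NOT_SINGLE_IP", cidr))
    for port in required - opened:
        findings.add(("MISSING_PORT", str(port)))
    return sorted(findings)


def _rule(port, cidr):
    """Build one constructed rule in the IpPermissions shape."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}


# Constructed sample: HTTP rule forgotten, SSH left open, a database port added.
SAMPLE_BAD = [_rule(443, "0.0.0.0/0"), _rule(8080, "0.0.0.0/0"),
              _rule(22, "0.0.0.0/0"), _rule(3306, "0.0.0.0/0")]

# Constructed sample that matches the table for an HTTPS-only website.
SAMPLE_GOOD_HTTPS = [_rule(443, "0.0.0.0/0"), _rule(8080, "0.0.0.0/0"),
                     _rule(22, "203.0.113.10/32")]

if __name__ == "__main__":
    for code, detail in audit_ingress(SAMPLE_BAD, "http+https"):
        print(f"{code}: {detail}")
```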
Configuring Total Application Security
1. Paste the public IP as <Public IP>:8080 in the browser to reach the TAS Domain Registration page.
After launching AMI successfully, press Click here to sign‐up to register.
2. Indusface Total Application Security – signup page will appear, provide the details and click Register
3. Indusface TAS login page will appear. Provide Username and Password, and then click Sign In.
4. All Sites ‐ Health Summary page will appear that serves as the entry point for the website, click on Add Website
to add a website.
Adding a Website
To add a website, click the Add Website icon on the All Sites – Health Summary page. The process has four steps.
1. Provide the license code that will protect the added website. License information such as expiry is shown just below the license box, depending on the license code. Provide the details. Scan URL is the URL used for scanning; by default, it is the domain name of that website.
2. Check the protocol type and combination depending on the requirement and click Submit.
3. If protocol combination type has HTTPS, then upload SSL certificates (recommended) or skip by pressing Skip
to configure it manually.
4. Check details of the website and click on submit to finish the process.
Note: If you want to revert the selection, it is only done by clicking back in the second step.
5. All Sites – Health Summary page will appear. Initiate a scan for the new website by clicking Scan Now under Last Scan to scan your domain and detect web application vulnerabilities, malware, and business logic flaws.
6. Once the scan is completed, Last Scan will display the date and time.
7. Your website is now successfully configured to be used with Indusface Total Application Security.
8. License Expiry displays when a website’s license is going to expire; when it expires, it displays Renew Now below the date.
9. Click the Detect tab and then click Download Scan Report to view the scan report.
10. When you click Renew Now, it takes you to the Profile page, where you can renew/upgrade your license.
11. Click Renew Now/Upgrade License, provide the license key that you want to upgrade, and press Renew License.
12. If the configuration status has not been routed, it shows a red symbol requesting routing configuration. Click Routing Configuration Required (see Appendix B: Routing Traffic). Refresh the page for the status to turn green.
Indusface Total Application Security Portal Tour
For detailed features of the Total Application Security portal, please visit Guided Tour.
Profile and Licensing Info
To edit login, enter the required details in the respective text boxes and click Save to update the details.

Parameter        Description
User Name        Displays your username.
Email Address    Provide the email address used to request Pen Testing, to get a POC if you requested one, and to receive notifications.
Contact number   Provide the updated contact number.
To reset the password, enter the details in Change Password and click Change.

Parameter          Description
Current Password   Provide the current password.
New Password       Provide the new password.
Confirm Password   Re‐type the new password.

In License Info, click Add License to add a new license to your website.
A pop‐up will ask you to add the license key. After typing the key, click Add License.
Documents
1. Click to view TAS assistance documents.
Logout
1. Click to log out from the portal.
Summary
The Summary tab provides an overview of the number of detected and blocked vulnerabilities, the number of application DDoS attempts, and the top five attack category names, IPs, countries, and URIs. The page attributes can be customized for sites and number of days.
Block Status
1. Block Status widget shows the number of vulnerabilities detected in the website scanning, the number of attacks blocked against detected and protected vulnerabilities, and the total number of blocked attacks.
2. Vulnerabilities Detected shows the number of vulnerabilities detected in the most recent website scanning. The same can be seen severity‐wise in the Detect tab.
3. Blocked Against Detected Vulnerabilities shows the total number of attacks blocked by detected and protected vulnerability categories.
4. Total Blocked Attacks shows the total number of attacks blocked. The same can be seen severity‐wise in the Protect tab.
DDoS Attacks Blocked
DDoS Attacks Blocked widget shows the number of blocked DDoS and Bot attacks.
Top 5 Attack Categories
Top 5 Attack Categories widget displays regular analysis of the top five attacks. Each color in the doughnut chart indicates a different attack type with its count and percentage.
Top 5 Attacks By IPs
Top 5 Attacks By IPs displays the top five IPs from which attacks are encountered and the attack counts.
Top 5 Attacks By Countries
Top 5 Attacks By Countries widget displays the top five countries from which attacks are encountered and their count.
Top 5 Attacked URIs
Top 5 Attacked URIs widget shows the top five attacked URIs and the attacks count.
Detect
The Detect tab provides an overview of the website scan and details of the detected vulnerabilities. It helps initiate scans, download the scan report, request a pen‐testing scan, request POCs, and request custom rules. The page attributes can be customized for the websites. A simple doughnut chart shows the count and percentage of the top five noticed vulnerabilities.
Detected Vulnerabilities
It shows the count of the most recently detected vulnerabilities in the website scanning.
Vulnerabilities Categories
Doughnut chart displays blocked vulnerability categories with their count and percentages.
Vulnerabilities details
Vulnerabilities table displays the Severity of the vulnerability, the Vulnerability category, whether the vulnerability is protected or not, and the attacked URI.
1. To request a proof of concept for any vulnerability, or to request custom rules for any unprotected vulnerability, select the check boxes of the respective vulnerabilities and then click Request POC or Request Custom Rules on the top right side of the Vulnerabilities table.
Scanning and Pen Testing
1. Click Now in the Schedule Scan Now widget to initiate a scan.
2. Click Request in the Request Pen Testing widget, which looks for security weaknesses.
3. Vulnerabilities detected in scanning can be viewed in the Web Application Scan summary widget, which displays the date and time of the completed scan and the detected vulnerabilities count (includes Critical, High, Medium, Low, and Info).
4. Vulnerabilities detected in pen testing can be viewed in the Monitor tab.
a. For a detailed analysis of vulnerabilities detected in pen testing, initiate a scan along with pen testing and download the scan report, which includes pen‐testing results.
5. To view vulnerability details of the preceding 10 scans, click the Last Scan drop‐down and select a scanned date. The detected vulnerabilities count for the respective scan will appear.
6. For further analysis, click Download Scan Report to get a report for the selected scan date.
Note: Disable pop‐up blocking to download the Band input and output values. Follow these steps to disable pop‐up blocking in different browsers.
Google Chrome ‐ Click Download Scan Report; it will show the pop‐up icon on the top right side of the window before the bookmarks icon. Click Allow pop‐up.
Mozilla Firefox ‐ Click Download Scan Report; it will display a message at the top of the window with an Options icon. Click Options to disable pop‐up blocking and generate the reports.
Opera ‐ Click Download Scan Report; it will show the pop‐up icon on the top right side of the window before the bookmarks icon. Click Allow pop‐up.
Protect
The Protect tab provides an overview of the attacks blocked in real time by the WAF and displays the top five IPs, attack categories, and URIs. It offers attack category and severity graphs. The page attributes can be customized for sites, type of attacks, and number of days.
Blocked Attacks
It shows the count of blocked attacks by impact severity and displays the date and time of the last blocked attack.
Attacks By IP
1. Attacks By IP table displays the blocked IP addresses from which attacks on the website are encountered, the IP Reputation (whether that IP is good or bad), the attacks count, the Severity of the attack, the Country from which the attacks are happening, and Details.
2. In the Attacks By IP table, find the IP whose information needs to be viewed and then click Details for the respective IP to view the information in detail.
3. Attack from IP pop‐up window will appear, displaying violation details of that particular IP.
4. Click Whitelist IP to allow traffic from the IP, click Blacklist IP to drop the traffic from the IP, or click Blacklist Country to drop the traffic from the country.
5. Mouse over the nodes in the graph to see the event name, date, time, and count respectively.
6. To view the attack payload of a particular attack category in the pop‐up window, find the category whose attack payload needs to be viewed and then click Details for the respective category to view the payload. The Attack Payload pop‐up will appear.
Attacks By Category
1. Attacks By Category table displays the blocked attack Category, the attacks count, the Severity of the attack, and Details.
2. In the Attacks By Category table, find the category whose information needs to be viewed and then click Details for the respective attack category to view the details.
3. Attack Categories Details pop‐up window will appear, displaying violation details of that particular attack category.
4. Mouse over the nodes in the graph to see the event name, date, time, and count respectively.
5. To view the attack payload of a particular IP Address in the pop‐up window, find the IP whose attack payload needs to be viewed and then click Details for the respective IP Address to view the payload. The Attack Payload pop‐up will appear.
Attacks By URI
1. Attacks By URI table displays the blocked URIs on which attacks on the website are happening, the Attacks count, the Severity of the attack, and Details.
2. In the Attacked URI table, find the URI whose information needs to be viewed and then click Details for the respective URI to view the details.
3. Attack URI Details pop‐up window will appear, displaying violation details of that particular URI.
4. Click Whitelist URI to allow traffic from the URI.
5. Mouse over the nodes in the graph to see the event name, date, time, and count respectively.
6. To view the attack payload of a particular IP Address in the pop‐up window, find the IP whose attack payload needs to be viewed and then click Details for the respective IP Address to view the payload. The Attack Payload pop‐up will appear.
Monitor
The Monitor tab provides an overview of the attacks logged in real time by the WAF and displays the top five IPs, attack categories, and URIs. It offers a timeline graph to represent the Bandwidth (Avg kb per min) and Requests (hourly). The page attributes can be customized for sites and number of days.
For detailed features of the Total Application Security portal, please take a visit.
It shows a count of created Custom Rules, Total POCs, and Vulnerabilities detected in pen testing. Whenever a customer asks for proof of concepts for vulnerabilities in the detect tab, that will reflect in Total POCs in Monitor tab.
Attacks By IP
1. Attacks By IP table displays the logged IP addresses from which attacks on the website are encountered, the IP Reputation (whether that IP is good or bad), the attacks count, the Severity of the attack, the Country from which the attacks are happening, and Details.
2. In the Attacks By IP table, find the IP whose information needs to be viewed and then click Details for the respective IP to view the details.
3. Attack from IP pop‐up window will appear, displaying violation details of that particular IP.
4. Click Whitelist IP to allow traffic from the IP, click Blacklist IP to drop traffic from the IP, or click Blacklist Country to drop traffic from the country.
5. Mouse over the nodes in the graph to see the event name, date and time, and count respectively.
6. To view the attack payload of a particular attack category in the pop‐up window, find the category whose attack payload needs to be viewed and then click Details for the respective category to view the payload. The Attack Payload pop‐up will appear.
Attacks By Category
1. Attacks By Category table displays the logged attack Category, the attacks count, the Severity of the attack, and Details.
2. In the Attacks By Category table, find the category whose information needs to be viewed and then click Details for the respective attack category to view the details.
3. Attack Categories Details pop‐up window will appear, displaying violation details of that particular attack category.
4. Mouse over the nodes in the graph to see the event name, date, time, and count respectively.
5. To view the attack payload of a particular IP Address in the pop‐up window, find the IP whose attack payload needs to be viewed and then click Details for the respective IP Address to view the payload. The Attack Payload pop‐up will appear.
Attacks By URI
1. Attacked URI table displays the logged URIs on which attacks on the website are happening, the Attacks count, the Severity of the attack, and Details.
2. In the Attacks By URI table, find the URI whose information needs to be viewed and then click Details for the respective URI to view the details.
3. Attack URI Details pop‐up window will appear, displaying violation details of that particular URI.
4. Click Whitelist URI to allow traffic from the URI.
5. Mouse over the nodes in the graph to see the event name, date, time, and count respectively.
6. To view the attack payload of a particular IP Address in the pop‐up window, find the IP whose attack payload needs to be viewed and then click Details for the respective IP Address to view the payload. The Attack Payload pop‐up will appear.
Monitor Action Summary
Monitor Action Summary displays all the actions performed on the TAS portal, the time each action was taken, and details of those actions.
Under Action Taken, only the name of the action is displayed; the detailed action is viewed under the Details category.
Settings
The Settings page assists with WAF settings management and configuration. Based on the analytics, a user can block or whitelist traffic to the website from specific IP addresses and countries. The user can add an exception by compiling a list of URIs considered safe, to allow traffic from the respective URIs. Click to navigate to the settings page.
The settings page will appear. Click Back to navigate to the Summary tab.
Web Application IP Address
It will display the default web application IP address. If there is a change in the IP address, provide the new IP in the text box and click Update to update the web application IP address.
WAF Status
Select the action for the WAF to perform and click Update.
Log and Block ‐ WAF logs and blocks the attacks
Log Only ‐ WAF logs the attacks
Disabled ‐ WAF turned off
IPs Blacklisted
Click to add IP addresses in the text box to drop the connection from that particular IP Address and click Save.
IPs Whitelisted
Click to add IP addresses in the text box to allow the traffic from that particular IP Address and click Save.
Countries Blacklisted
Click and select one Country from the drop‐down to block the traffic from that particular Country and click Save.
URIs Whitelisted
Click to add a URI in the text box to allow the traffic from that particular URI and click Save.
Forgot Password
1. Click the Click here link next to Forgot password on the login page for lost/forgotten passwords.
2. Enter the Username and text shown and then Click Submit.
3. It will display a message An email has been sent with your new password as confirmation, click Continue.
4. The new password will be sent to the registered email address.
5. Enter the Username and new Password to log in.
Appendix A: SSL Configuration
Steps to follow with other file formats (P12, PFX, PEM, JKS)
Prerequisites:
File Format   Passwords
JKS           Key Password, Keystore Password
PFX/P12       Key Password
SSL Conversion Steps
Follow the steps below to migrate the SSL from your machine to Indusface Total Application Security‐ WAF AMI with the appropriate file format (CRT).
1. Copy the certificates into /home/ec2-user on the Indusface TAS‐AMI using any file transfer tool.
2. Log into your AMI using any SSH client (e.g. PuTTY).
   a. Specify the destination Host Name or IP Address of the WAF AMI and use the associated Key Pair (the same key pair that was associated when launching the AMI instance from the AWS Marketplace).
3. A terminal will open. Specify the Username ec2-user and then proceed with authentication.
4. Switch to the root user by executing the command: sudo su -
5. Copy the SSL files to the /mnt directory by executing the command: cp <cert_filename> /mnt
6. Run the command ls to list all the certificates in the /mnt directory.
NOTE: Make sure that no more than one file with the same extension exists in /mnt.
7. Change to the /media directory using the command: cd /media
8. Run the command ls to list the contents of the directory. It will return the file convert_ssl.sh.
9. Run the command ./convert_ssl.sh <file_format> <domain_name>, press ‘y’, and provide the password to convert the files into CRT file format.
NOTE: If the certificate file is not password protected, press Enter to proceed. All the converted files will be placed automatically in the /etc/httpd/ssl folder.
10. A success message will appear. To confirm, change directory with cd /etc/httpd/ssl and run the command ls to list all the files in the folder. The following files should be listed:
<domain_name>.crt <domain_name>-server.key <domain_name>-chain.crt
NOTE: If the conversion is not successful, please contact Indusface Support at [email protected]
11. After completion of SSL configuration, follow the Traffic Routing steps.
Steps to follow with .crt format files
Consider your domain name as “yourdomain.com” and rename the SSL certificates as per your domain name in the format mentioned in the table.
Certificate                Format
Server Certificate         yourdomain.com.crt
Private Key Certificate    yourdomain.com-server.key
Chain File                 yourdomain.com-chain.crt
Note: If you have multiple Chain files, put all the files in yourdomain.com-chain.crt file.
1. Copy the above files from your machine into the /tmp directory on the Indusface TAS AMI using any file transfer tool.
2. Log into your AMI using any SSH client (e.g. PuTTY).
   o Specify the destination Host Name or IP Address of the WAF AMI and use the associated Key Pair (the same key pair that was associated when launching the AMI instance from the AWS Marketplace).
3. A terminal will open. Specify the Username ec2-user and then proceed with authentication.
4. Switch to the root user by executing the command: sudo su -
5. Change to the directory: cd /etc/httpd/ssl/
6. Run the command below to copy the files from the /tmp directory to /etc/httpd/ssl/: cp /tmp/yourdomain* /etc/httpd/ssl/
7. Run the command to rename the Apache configuration file:
mv /etc/httpd/indusface/<yourdomain>.conf.disabled /etc/httpd/indusface/<yourdomain>.conf
8. Run the command to restart Apache: systemctl restart httpd.service
Removing passphrase from the private key
1. To remove the passphrase from a private key, type the command:
openssl rsa -in yourdomain.com-server.key -out yourdomain.com-server.key1
Enter the pass phrase for the website.
2. Create a backup file of yourdomain.com-server.key by executing the command:
mv yourdomain.com-server.key yourdomain.com-server.key_bak
3. Rename the file yourdomain.com-server.key1 to yourdomain.com-server.key by executing the command:
mv yourdomain.com-server.key1 yourdomain.com-server.key
4. Now type the command ls to list the certificates. The following files should be listed:
yourdomain.com.crt yourdomain.com-server.key yourdomain.com-server.key_bak yourdomain.com-chain.crt
5. After completion of SSL configuration, follow the Traffic Routing steps.
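The two procedures above (copying the .crt files into /etc/httpd/ssl and removing the passphrase from the private key) can be checked before Apache is restarted and before traffic is routed to the WAF. The script below is an added example, not part of the Indusface documentation or AMI; the function names and the owner-only permission check on the unencrypted key are assumptions of this example.

```shell
#!/bin/sh
# Added example, not Indusface code. check_tls_files is a hypothetical helper;
# file names follow the table above. Run as root before restarting httpd:
#   check_tls_files /etc/httpd/ssl yourdomain.com

# Print a SHA-256 of the public key held in a certificate (cert) or key (key).
pubkey_hash() {
    if [ "$1" = cert ]; then
        pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    else
        pub=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || return 1
    fi
    [ -n "$pub" ] || return 1
    printf '%s\n' "$pub" | openssl dgst -sha256
}

# Usage: check_tls_files <dir> <domain>. Returns 0 only if every check passes.
check_tls_files() {
    crt="$1/$2.crt"; key="$1/$2-server.key"; rc=0
    for f in "$crt" "$key"; do
        [ -r "$f" ] || { echo "FAIL: cannot read $f"; return 1; }
    done
    # A key that is still encrypted needs its passphrase when httpd starts.
    if grep -q ENCRYPTED "$key"; then
        echo "FAIL: $key is still passphrase-protected"; return 1
    fi
    # The certificate must contain the public half of this private key.
    ch=$(pubkey_hash cert "$crt") || ch=
    kh=$(pubkey_hash key "$key") || kh=
    if [ -z "$kh" ] || [ "$ch" != "$kh" ]; then
        echo "FAIL: $crt does not match $key"; rc=1
    fi
    # -checkend 0 fails if the certificate has already expired.
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null 2>&1 ||
        { echo "FAIL: $crt is expired or unreadable"; rc=1; }
    # The key is stored unencrypted, so group and other must have no access.
    [ "$(ls -ld "$key" | cut -c5-10)" = "------" ] ||
        { echo "FAIL: $key is accessible beyond its owner; chmod 600 it"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: files for $2 are consistent"
    return "$rc"
}
```

The yourdomain.com-server.key_bak file left by step 2 still holds the passphrase-protected key and is not examined by this check.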
Appendix B: Routing Traffic
1. Click Routing Configuration Required. To use Indusface Total Application Security, you need to ensure that all traffic goes through the Indusface Total Application Security AMI by implementing one of the following methods.
Single Node Deployment
If you are using SSL and SSL is terminated at the WAF AMI:
i. You need to set up the SSL certificate and keys as per instructions in SSL Configuration DOC before changing your routing. Failure to do it in this sequence will result in disruption to your website traffic.
Change your DNS A record to point to the public IP address of the Indusface WAF AMI.
Single Node Deployment with ELB
Update ELB to forward traffic on ports 80 & 443 to the IP address of the Indusface WAF AMI.
SSL is terminated at the ELB, so no SSL configuration is required in this model.
Multi‐Node Deployment With ELB
Contact support for routing change instructions.
2. After completion of routing, refresh the Indusface TAS ‐ WAF Status page.