Li, Qiao aea4b89c6e WAF Dedicated User Guide 20231030 version.

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>

2024-10-01 07:48:08 +00:00

1.3 KiB

Raw Permalink Blame History

Can WAF Protect Websites Accessed Through HSTS or NTLM Authentication?

Yes. WAF can protect HTTP and HTTPS applications.

If a website uses the HTTP Strict Transport Security (HSTS) policy, the client (such as a browser) is forced to use HTTPS to communicate with the website. This reduces the risk of session hijacking. Websites configured with HSTS policy use the HTTPS protocol. So, WAF can protect these websites.
Windows New Technology LAN Manager (NTLM) is an authentication method over HTTP. NTLM uses a three-way handshake to authenticate a connection. NTLM authenticates a client (such as a browser) the same way the Windows remote login authentication does.
WAF can protect applications that use NTLM to authenticate connection between a server and client, such as a browser.

Parent topic: About WAF

1.3 KiB Raw Permalink Blame History

Can WAF Protect Websites Accessed Through HSTS or NTLM Authentication?

1.3 KiB

Raw Permalink Blame History