Prophaze
  • What is Prophaze AppSec Platform? How it works?
    • Performance
    • SSL Termination
    • Modes of Operation
  • Prophaze AppSec Best Practices
  • Application Onboarding
    • Account Creation
    • Deployment Models
      • Cloud
      • On-Premise
      • Kubernetes Deployment
    • Multi-Cloud Setup
  • DASHBOARD UI OVERVIEW
    • Dashboard
    • Traffic Analysis
    • API Security
    • Attack Analytics
    • DDOS Attacks
    • Rules Page
    • Bot Mitigation
    • Anomaly Detection
    • Reporting
    • Attack Types
    • Incidents
    • AppSec Toggle Mode
    • SSL Certificate
  • HTTP Support
    • Encoding Types
    • Protocol Validation
  • Protection Use Cases
    • HTTP Protocol Violation
    • Protocol Anomalies
    • Bot Detection
    • Injection Prevention
    • HTTP Request Smuggling
    • HTTP Response Splitting
    • XSS Prevention
    • LFI and RFI
    • Session Fixation
    • SQL Injection Prevention
    • Layer 7 Dos Attack Prevention
    • PHP Application Protection
  • Detection Techniques
    • Normalization
    • Negative Security Model
    • Signature and Rule Database
  • FAQ
    • Onboarding Process
    • Dashboard Terminology
    • Attack Section
    • Rule Set
    • Traffic 360: General Traffic Logs
    • ML Based Bot Mitigation
    • Generating Reports
    • Anomaly Detection
    • General
  • Software Updates
    • Release Notes v2.3.0
  • Release Notes v2.4.0
  • Release Notes v2.5.0
  • API Security Dashboard
    • API Security Features of Prophaze
    • API security scoring
    • Host-Based API Quality Score
    • How to Enable API Security and Dashboard
    • API Security Section
  • CVE
    • CVE-2024
    • CVE-2023
    • CVE-2022
    • CVE-2021
    • CVE-2020
    • CVE-2019
    • CVE-2018
    • CVE-2017
    • CVE-2012
    • CVE-2011
    • CVE-2009
    • CVE-2008
    • CVE-2001
Powered by GitBook
On this page
  • 1.To enable API security and configure the settings in Prophaze, follow these steps:
  • 2. Configure API Security for an Application
  • Configure Base URIs
  • 3. Enable API Dashboard
  • 4. Review and Save Settings

Was this helpful?

  1. API Security Dashboard

How to Enable API Security and Dashboard

1.To enable API security and configure the settings in Prophaze, follow these steps:

  1. Login Process

    1. Navigate to Applications Settings

    2. Log in to the Prophaze Dashboard.

    3. Go to Settings > Applications. You will be presented with a list of applications hosted under Prophaze.

  2. Enable API Security

  3. Configuration

    • Select the application you want to configure.

    • Follow the prompts to enable API security, ensuring that your APIs are adequately protected with the latest security measures, including dynamic threat detection and HTTPS support

2. Configure API Security for an Application

1. Locate the Desired Application

  • First, locate the application you want to configure (e.g., petstore1.kubewaf.com) in the Prophaze dashboard.

2. Edit Application Settings

  • Click on the Pencil Tool next to the application to edit its settings.

3. Enable API Security

  • Toggle the Enable API Security option to activate API protection for the selected application. This ensures that the necessary security measures, such as dynamic threat detection, are applied to safeguard your APIs.

Configure Base URIs

What is a Base URI? A Base URI is the root address of your API. It serves as the starting point for all API requests. By specifying a Base URI, you can define the scope of the protection that applies to specific parts of your application.

Example Base URIs:

  • /api/v3/user

  • /api/v3/pet

How to Add Base URIs:

  1. Enter the specific Base URI for your application (e.g., /api/v3/user).

  2. Click the Add button to include multiple URIs.

  3. Example: Add /api/v3/user and /api/v3/pet to secure these endpoints specifically.

  4. If you're unsure which Base URI to use, leave this field empty to cover all API requests.

Why Base URIs Matter:

  • By specifying specific Base URIs, you ensure that only requests matching these paths are processed by the API security engine.

  • This allows for fine-grained control over which API endpoints are protected, ensuring more efficient processing by limiting the scope of security measures to the most relevant traffic.

3. Enable API Dashboard

1. Toggle the Enable API Dashboard Option

  • Enable the API Dashboard by toggling the option to switch to the enhanced analytics view.

API Analytics Dashboard Features:

  • Real-Time Insights: Get real-time data on API performance, helping you track usage and detect issues immediately.

  • Detailed Traffic Analysis: The dashboard shows detailed analysis of traffic, including identifying suspicious and malicious requests.

  • Enhanced Reporting & Monitoring: The new dashboard provides more robust reporting and monitoring features compared to the legacy dashboard, offering greater visibility into your API’s health and security.

4. Review and Save Settings

After entering the required Base URIs and enabling the API Dashboard, click Save to finalize the configuration and complete the onboarding process.

PreviousHost-Based API Quality ScoreNextAPI Security Section

Last updated 16 days ago

Was this helpful?