SSL Termination
SSL operations needs to be changed to Prophaze WAF itself . It needs to decrypt the encrypted data to get access to HTTP data to identify any known threats resides in the post content etc. WAF can then communicate with server in plain text or ssl
Having the copy of SSL private key in the WAF , It can decrypt the encrypted traffic .The original requests and responses are never affected and reaches the web server where it is separately decrypted
Copy link