How to configure Security Templates?


Plevne WAS exists to raise the security of Workcube applications. Security templates that run with Plevne WAS inspect the data arriving at your system and stop content that is risky for it.


With Security Templates, all data arriving at the system (GET and POST parameters, for example) passes through a filter before it reaches the modules. Security templates work at the request level: when a request contains potentially unwanted data, the whole request is stopped (Drop Request), not just the offending field. The system therefore blocks the data before it is processed or recorded.


Why is request filtering (Request Filter) done?

Request filtering is a common method in web-based applications and works on the same logic as a firewall: requests are examined before they reach the application server and, when necessary, are blocked before they get there. Customizing a firewall for a particular application, however, involves both difficult configuration and a high cost to manage.

*This is not a recommendation against using a firewall; a firewall aims to protect the entire network, while security templates protect the application itself.

With security templates, application-level request filtering on Workcube is now dynamic. Security templates are applied as regular expression rules and are found under the "Security" section. On the security templates screen, three groups of templates can be added:

Standard Template

This template is intended for standard use. The standard template automatically includes the Light and Dark templates as well, so it holds the most rules and is the one used most commonly. In this template you can enter, for example, harmful or unwanted words that may appear in text content, such as

onclick
alter
div

Requests containing these words will be stopped. Because the standard template also covers the other template types, a request at this level is checked against the Light and Dark rules too. Note that a bare word such as alter or div also matches inside longer, legitimate text (alternative, individual), so very short words at this level will drop ordinary requests; where that is a problem, put a more specific pattern in the Light template instead.

Light Template

It is for defining rules that are somewhat more specific than the words in the standard template, for example

onclick=".*body.*"
alter\s+table

This template accepts regular expressions as well as plain strings, and it also includes the Dark template.

Dark Template

This template should hold only the strictest rules. It is the level to lower to on screens where HTML or code is legitimately sent, so it should detect the patterns most likely to be an injection or to be added for a cross-site scripting (XSS) attack, for example

'--[\s\w]+
src="https?://(?!(?:www\.)?workcube\.com).*"

The first pattern catches a closing quote followed by an SQL comment marker. The second rejects any src attribute whose host is not workcube.com; it uses a negative lookahead because a negated character class such as [^workcube.com] does not express that: it matches a single character that is none of the listed letters, so it neither excludes the host name nor matches a URL that starts with "w". Likewise, [s]* and [www]* are character classes that match any run of those letters, not the optional strings s and www.

Workcube objects (WOs) run with one of these templates selected as their security level. If you are sure that the data coming from a WO legitimately contains code such as HTML or SQL, you can lower the level of that WO. Do not forget, however, that this is a risk you take on: lower the level only for the WO that needs it, not for the whole system, so that the Dark template's rules still stop the clearest injection and XSS attempts there.
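As an added illustration (example code, not part of Workcube or Plevne WAS), the following Python sketch shows how the three template levels nest and how a request-level filter drops a request on the first matching rule. The rule sets are built from the patterns quoted on this page; the off-site src rule is written with a Perl-style negative lookahead, since the page does not state which regular-expression dialect the templates use. The sample requests, the case-insensitive matching and the field names are all constructed assumptions.

```python
import re
from typing import Dict, List, NamedTuple, Optional, Tuple

# Assumed rule sets, taken from the patterns quoted on this page.
# Standard includes Light and Dark; Light includes Dark.
DARK_RULES = [
    r"'--[\s\w]+",                                     # closing quote followed by an SQL comment
    r'src="https?://(?!(?:www\.)?workcube\.com).*"',  # src attribute pointing off-site
]
LIGHT_RULES = [
    r'onclick=".*body.*"',
    r"alter\s+table",
]
STANDARD_RULES = [
    r"onclick",
    r"alter",
    r"div",
]

LEVELS: Dict[str, List[str]] = {
    "dark": DARK_RULES,
    "light": LIGHT_RULES + DARK_RULES,
    "standard": STANDARD_RULES + LIGHT_RULES + DARK_RULES,
}


class Verdict(NamedTuple):
    dropped: bool
    level: str
    parameter: Optional[str]  # GET/POST field that triggered the drop, if any
    rule: Optional[str]       # pattern that matched, if any


def compile_level(level: str) -> List[re.Pattern]:
    # Assumption: match case-insensitively (attackers write OnClick) and let .*
    # span line breaks so a multi-line value cannot slip past a rule.
    return [re.compile(p, re.IGNORECASE | re.DOTALL) for p in LEVELS[level]]


def filter_request(level: str, get: Dict[str, str], post: Dict[str, str]) -> Verdict:
    """Check every decoded GET and POST value against the rules of the chosen level.
    The first match stops the whole request (Drop Request); nothing reaches the module."""
    rules = compile_level(level)
    for source in (get, post):
        for name, value in source.items():
            for rule in rules:
                if rule.search(value):
                    return Verdict(True, level, name, rule.pattern)
    return Verdict(False, level, None, None)


# Constructed sample requests (get, post), not captured traffic.
SAMPLES: Dict[str, Tuple[Dict[str, str], Dict[str, str]]] = {
    "login_injection": ({}, {"user": "admin'-- ", "pass": "x"}),
    "xss_onclick":     ({}, {"body": '<div OnClick="alert(1)">hi</div>'}),
    "offsite_image":   ({}, {"html": '<img src="http://cdn.example.net/a.png">'}),
    "onsite_image":    ({}, {"html": '<img src="https://www.workcube.com/logo.png">'}),
    "plain_text":      ({"page": "2"}, {"text": "see the individual report"}),
}


def run_all(level: str) -> Dict[str, bool]:
    """Map each sample request to whether the given level drops it."""
    return {name: filter_request(level, g, p).dropped for name, (g, p) in SAMPLES.items()}


if __name__ == "__main__":
    for level in ("standard", "light", "dark"):
        for name, (g, p) in SAMPLES.items():
            v = filter_request(level, g, p)
            print(f"{level:8} {name:16} dropped={v.dropped} field={v.parameter} rule={v.rule}")
```

Running it shows the trade-off the page describes: at the standard level the harmless "plain_text" request is dropped because "individual" contains div, and the HTML-editing request is dropped on onclick; at the dark level only the SQL comment and the off-site image are stopped, which is why that level is the one to select for a WO that legitimately submits HTML. The filter works on decoded parameter values, so it must sit after the framework has URL-decoded the request, not in front of it.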


For advanced implementation and consultancy services, obtain them from Workcube certified business partners.

