AppTrana
Getting Started
Frequently Asked Questions
Product Details
API Scan Coverage for OWASP Top 10
Whitelist Vulnerabilities on the AppTrana WAAP
API Request to Purge CDN Data
Analysis page - Attack Trend Visualisation
Advanced Behavioral DDoS
BOT Protection
Asset Discovery
Customize Application Behavior with Bot Score
Restricted Admin User
Self Service Rules
Configuring Custom Error Page in AppTrana
Enabling SIEM Integration
API Discovery Feature
SwyftComply
Analysis page - Access Trend Visualization
Manage WAAP Email Alerts
Enable and Configure Single Sign-On
WAF Automated Bypass and Unbypass
False Positive Analysis Report on WAAP
Product User Guide
Indusface WAS
Getting Started
Product User Guide
Summary
Dashboard
Malware Monitoring[MM]
Application Audit[AA]
Vulnerability Assessment[VA]
Reports
Settings
Asset Monitoring
New Reporting Structure
Frequently Asked Questions
Feature Summary
AcuRisQ – Risk Management with Advanced Risk Scoring
WAS Consulting License
API Key Based - Scan Log Export
WAS Defacement Checks
SIEM Integration with Sumo Logic
Indusface WAS Scanned Vulnerabilities
Total Application Security
Onboarding Documents
Indusface Newsletter
Indusface Product Newsletter - October 2021
Indusface Product Newsletter- April 2021
Indusface Product Newsletter-January21
Indusface Product Newsletter - June 20
Indusface Product Newsletter - October 19
Indusface Product Newsletter - August 19
Product Newsletter of May 19
Product Newsletter of March 19
Product Newsletter of January 19
WAF Portal Revamp June 18
Product Newsletter of July 18
Product Newsletter of May 18
Product Newsletter of March 18
Product Newsletter of February 18
Product Newsletter of January 18
Indusface Product Newsletter - March 2022
Indusface Product Newsletter - February 2023
Indusface Product Newsletter- October 2022
Zero Day Vulnerability Reports
Vulnerabilities Detected in 2023
Vulnerability Report of May 23
Vulnerability Report of March 23
Vulnerability Report of August 23
Vulnerability Report of July 23
Vulnerability Report of April 23
Vulnerability Report of November 23
Vulnerability Report of June 23
Vulnerability Report of December 23
Vulnerability Report of February 23
Vulnerability Report of January 23
Vulnerability Report of September 23
Vulnerability Report of October 23
Vulnerabilities Detected in 2016
CRS vs. Zero Day Vulnerability - December 2016
CRS vs. Zero Day Vulnerability - November 2016
CRS vs. Zero Day Vulnerability - October 2016
CRS vs Zero Day Vulnerability - September 2016
CRS Vs Zero Day Vulnerabilities - August 2016
Vulnerabilities Detected in 2017
Vulnerability Report of April 17
Vulnerability report for Apr 3rd - Apr 9th 17
Vulnerability report for April 17th - Apr 23rd 17
Vulnerability report of April 10th - April 16th
Vulnerability Report of March 17
Vulnerability report for Mar 20th - Mar 26th
Vulnerability report for Mar 13th - Mar 19th
Vulnerability report for 27th Feb - 5th Mar
Vulnerability report for Mar 27th - Apr 2nd
Vulnerability report for Mar 6th - Mar 12th
Vulnerability Report of February 17
Vulnerability Report of January 17
Vulnerability Report of December 17
Vulnerability Report of November 17
Vulnerability Report of August 17
Vulnerability Report of September 17
Vulnerability Report of October 17
Vulnerability Report of July 17
Vulnerability Report of June 17
Vulnerability Report of May 17
Vulnerabilities Detected in 2018
Vulnerability Report of December 18
Vulnerability Report of November 18
Vulnerability Report of October 18
Vulnerability Report of September 18
Vulnerability Report of August 18
Vulnerability Report of July 18
Vulnerability Report of June 18
Vulnerability Reports of May 18
Vulnerability Report of April 18
Vulnerability Report of March 18
Vulnerability Report of February 18
Vulnerability Report of January 18
Vulnerabilities Detected in 2019
Vulnerability Report of December 19
Vulnerability Report of November 19
Vulnerability Report of October 19
Vulnerability Report of September 19
Vulnerability Report of August 19
Vulnerability Report of July 19
Vulnerability Report of June 19
Vulnerability Report of May 19
Vulnerability Report of April 19
Vulnerability Report of March 19
Vulnerability Report of February 19
Vulnerability Report of January 19
vulnerabilities Detected in 2020
Vulnerability Report of December 20
Vulnerability Report of November 20
Vulnerability Report of October 20
Vulnerability Report of Sep 20
Vulnerability Report of July 20
Vulnerability Report of June 20
Vulnerability Report of May 20
Vulnerability Report of April 20
Vulnerability Report of March 20
Vulnerability Report of February 20
Vulnerability Report of January 20
Vulnerabilities Detected in 2021
Vulnerability Report of November 21
Vulnerability Report of October 21
Vulnerability Report of September 21
Vulnerability Report of August 21
Vulnerability Report of July 21
Vulnerability Report of June 21
Vulnerability Report of May 21
Vulnerability Report of April 21
Vulnerability Report of March 21
Vulnerability Report of February 21
Vulnerability Report of January 21
Vulnerability Report of December 21
Vulnerabilities Detected in 2022
Vulnerability Report of January 22
Vulnerability Report of February 22
Vulnerability Report of March 22
Vulnerability Report of April 22
Vulnerability Report of May 22
Vulnerability Report of June 22
Vulnerability Report of July 22
Vulnerability Report of August 22
Vulnerability Report of September 22
Vulnerability Report of October 22
Vulnerability Report of November 22
Zero-Day Vulnerability Report - December 2022
Vulnerabilities Detected in 2024
Security Bulletin
Vulnerabilities 2024
Critical Apache OFBiz Zero-day AuthBiz (CVE-2023-49070 and CVE-2023-51467)
ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)
CVE-2024-1071 – Critical Vulnerability in Ultimate Member WordPress Plugin
Oracle WebLogic Server Deserialization
ApacheStructs_VG
Apache Struts 2 Vulnerability CVE-2023-50164 Exposed
Unpacking the Zimbra Cross-Site Scripting Vulnerability(CVE-2023-37580)
Adobe ColdFusion Vulnerabilities Exploited in the Wild
Remote Unauthenticated API Access Vulnerabilities in Ivanti
Multiple Moveit Transfer Vulnerabilities
HTTP/2 Rapid Reset Attack Vulnerability
Apache log4j RCE vulnerability
Table of Contents
- Domain
- Can I change the Domain Name from the time of registration?
- Can I change my Web Server IP/Original Server Address from time to time? Will it trigger any security issues?
- I am not able to edit my SSL certificate, Why?/How do I change LetsEncrypt option to custom certificates to update my own certificates?
- Can I change the existing plan without contacting Indusface Support? How?
- Scanner
- How do I change the Scan URL from the time of registration? / Where can I update my Scan URL? / Can I update my Scan URL without contacting Indusface Support? How?
- I have enabled Scan Behind Login page option from the time of registration or Add Website but Why is it showing as disabled in Apptrana portal?
- WAF
- CDN
Settings
- Domain
- Can I change the Domain Name from the time of registration?
- Can I change my Web Server IP/Original Server Address from time to time? Will it trigger any security issues?
- I am not able to edit my SSL certificate, Why?/How do I change LetsEncrypt option to custom certificates to update my own certificates?
- Can I change the existing plan without contacting Indusface Support? How?
- Scanner
- How do I change the Scan URL from the time of registration? / Where can I update my Scan URL? / Can I update my Scan URL without contacting Indusface Support? How?
- I have enabled Scan Behind Login page option from the time of registration or Add Website but Why is it showing as disabled in Apptrana portal?
- WAF
- CDN
Domain
Can I change the Domain Name from the time of registration?
No, Domain name cannot be changed from the time of on boarding. Contact Support for further queries.
Can I change my Web Server IP/Original Server Address from time to time? Will it trigger any security issues?
Yes, you can update your Original Server Address as many times as required without arising any security threats.
Click Domain option in Settings page, click Original Server Address field to update the field and click Save button.
I am not able to edit my SSL certificate, Why?/How do I change LetsEncrypt option to custom certificates to update my own certificates?
To edit SSL certificates, a user should be on custom certificates. Contact Indusface Support for further queries.
Instructions for step by step guidance in updating SSL Certificates.
Can I change the existing plan without contacting Indusface Support? How?
Yes, you can change your existing plan all by yourself.
Click here for more information.
Scanner
How do I change the Scan URL from the time of registration? / Where can I update my Scan URL? / Can I update my Scan URL without contacting Indusface Support? How?
Yes, Scan URL can be changed from the time of registration form time to time depending on the user without any dependency can be done by a user itself.
Follow these simple instructions to change the Scan URL successfully.
I have enabled Scan Behind Login page option from the time of registration or Add Website but Why is it showing as disabled in Apptrana portal?
By enabling Scan Behind Login Page option from the time of registration or while adding a website will help our support team to note down
WAF
Can I view my WAF status and how to update it?
WAF Status option is displayed in Settings page and the selected mode is the existing WAF status.
Click the WAF status you would like to update to and click Update button. Click here for further steps.
Why is my WAF status is in ByPass mode?
By default, after a trial period the WAF status is moved to ByPass mode and stays in the same for next 7 days if not upgraded by the customer and then the website is moved to Basic subscription where there is no WAF protection.
What is DDOS Status?
To provide protection against DDOS attacks,
What type of DDOS setting can be set by customer?
IP threshold is the number of requests allowed in 2 minutes per IP address and the default threshold is set as 3000 req / 2 mins. Click here for more information.
User can set this value from the default value and click Update button.
CDN
What is Cache TTL and how to set it?
TTL stands for Time To Live which indicates the time for cache to be live, it need to be set once the time duration set expires.
It can be set as:
Click time duration drop-down, click any of the displayed options and then click Save button.
Unable to add URL to Always Cache or Never Cache options, an error message is being displayed, can I know why?
A URL cannot exist both in Always Cache and Never Cache options. Hence, an error message is displayed as Kindly make sure the URL doesn't exist in Always Cache as per the selection.
Check the cached URL list for the similar url and delete to add it in the other cache option. Click here for more information.
When is Custom Purge option used?
Instead of purging all the existing URLs, Custom Purge option helps our clients in purging specific URL(s), which will allow only selected URLs to stay cleared of cache for the specified TTL(Time to Live).
Why is it showing error while adding URL in custom purge?
A set of instructions is displayed while custom purging, if the entered URL is not as per the guidelines an error is displayed.
Follow the instructions carefully to avoid any errors. Contact Support for any further queries.