In this recurring blog series, we discuss one of the countermeasures in UltraWAF, our Web Application Firewall and Bot Management solution. If you’re not using UltraWAF and protection for your online presence, get in touch with us.
HTML Cross-Site Scripting
Our featured countermeasure this month is HTML Cross-Site Scripting, or XSS. XSS is an attack in which the attacker submits JavaScript or other client-side code, using <script> or <iframe> tags, JavaScript DOM event handlers, or other triggers, so that the code is reflected back to and executed inside another user's web browser. Typical XSS targets are websites that accept user-generated content such as comments, ratings, or forum posts.
The XSS countermeasure detects HTTP/HTTPS requests with any of the XSS triggers.
The countermeasure has several configurable settings:
“Check Complete URLs”: If this box is checked, XSS detection is performed on the entire URL, including the query string. This should be enabled for most uses.
“Relaxation Rules”: URLs and input values that are allowed through; these are added as part of tuning.
“Learning Mode”: When used with the “Trusted IP Addresses” tab, the countermeasure observes traffic from those addresses and recommends Relaxation Rules for you.
“Alert Threshold”: The number of violations that generates an email and portal alert.
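As an added illustration of the settings above (this is not UltraWAF's code; the trigger patterns, the hypothetical inspect_request and AlertCounter helpers, and the choice to scan only the path when complete-URL checking is off are all assumptions), here is a minimal inspector that applies XSS triggers to the full URL, honors relaxation rules as allowed URL prefixes, and fires an alert once a violation threshold is reached:

```python
import re
from urllib.parse import unquote_plus

# Simplified trigger patterns: script/iframe tags, javascript: URLs and
# inline DOM event handlers (on...=). Illustrative only; a production WAF
# uses far broader, normalized signatures.
XSS_TRIGGERS = [
    re.compile(r"<\s*/?\s*(script|iframe)\b", re.I),
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),
]


def normalize(value: str) -> str:
    """URL-decode twice so single- and double-encoded input is both caught."""
    return unquote_plus(unquote_plus(value))


def inspect_request(url: str, body: str = "", *, check_complete_url: bool = True,
                    relaxed_urls: tuple = ()) -> bool:
    """Return True if the request trips an XSS trigger (hypothetical helper)."""
    path, _, _query = url.partition("?")
    # Relaxation rule: requests to an allowed URL prefix are not inspected.
    if any(path.startswith(prefix) for prefix in relaxed_urls):
        return False
    fields = [normalize(body)]
    if check_complete_url:
        fields.append(normalize(url))    # whole URL, query string included
    else:
        fields.append(normalize(path))   # assumption: path only when unchecked
    return any(trigger.search(field) for field in fields for trigger in XSS_TRIGGERS)


class AlertCounter:
    """Counts violations and signals once the configured threshold is reached."""

    def __init__(self, threshold: int) -> None:
        self.threshold = threshold
        self.violations = 0

    def record(self, violated: bool) -> bool:
        """Return True exactly when the violation count hits the threshold."""
        if not violated:
            return False
        self.violations += 1
        return self.violations == self.threshold


if __name__ == "__main__":
    # Constructed sample request: an encoded <script> tag in the query string.
    print(inspect_request("/search?q=%3Cscript%3Ealert(1)%3C/script%3E"))  # True
```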
To learn more about our UltraWAF solution, please visit our product page.