FAQ: dotDefender

Expand / Collapse

Summary

This knowledge base article covers dotDefender basics such as how to determine if your request was blocked by the software, how to report the request to Edge Hosting Support, and how to log into dotDefender to view the block should you need to do so.

What is dotDefender?

How will I know if dotDefender blocked my request?

How do I report a dotDefender Block?

How do I log into dotDefender Admin?

When are dotDefender rules updated?

 


What is dotDefender?

dotDefender is a web application firewall.  It examines web based user interactions with your application(s) by performing deep inspection of HTTP traffic content in order to filter out harmful requests like SQL injection, cross-site scripting, etc.  Running dotDefender locally on your web server complements our network based security measures such as your firewall and our intrusion protection system by filtering out attacks against your application itself.

 


 

How do I know if dotDefender blocked my request?

As with any signature based filtration system, it is possible to receive a false positive within dotDefender.  Any request blocked by dotDefender will return a page similar to the following:

If you, or your end users receive this block response and it's inhibiting functionality within your application, please submit a Support ticket so that we can investigate for you.

 


 

How do I report a dotDefender block?

If a legitimate request within your application is being blocked by dotDefender, our Support department will need a new Support ticket created with the following pieces of information in order to investigate. 
  • The 16 digit reference ID from the block.  This can be copied and pasted from the error page into a new Support ticket.
  • Steps to reproduce the issue.  What URL are your hitting when the error occurs?  Do we need to be logged into your application?  Please provide a step by step to get logged in (if necessary) and reproduce the issue.  We need this information in order to test once we have created an exception within dotDefender.
Note:  If you do NOT wish for us to attempt to reproduce the issue because it is service impacting, please do NOT provide the step by step, and instead submit the ticket with only the reference ID and provide contact information so we can call you when we're ready to test.

 


 

How do I log into dotDefender to view the logs?

Although Edge Hosting is prefers to fully manage your dotDefender instance, we do allow customers direct access to the management interface by request.  You can access the management interface to review your dotDefender logs and create exceptions to any rule that creates a false positive within your application.

Starting with dotDefender version 4, administration switched to a web based interface for all management. The URL format to access dotDefender administration is:

http://<hostname>/dotDefender

You can find your server hostname listed within the Support portal, or by logging in via RDP/SSH if you are unsure.  If you are using dotDefender version 3 and lower, you will need to log into the server and manage dotDefender through the application locally as web access is not enabled for these versions.

Authenticating

For Windows Servers:  You will need to login using your remote desktop username and password.
For Linux Servers:  A user will need to be created.

In either case you can contact Support if you do not have access.

When are dotDefender rules updated?

DotDefender rules are configured to update weekly. Rule testing is done by Applicure, the makers of dotDefender. Signature changes are pushed out to all clients as needed. These changes don't affect processing times and are minor changes. Rule changes that are significant are usually released as part of a software update rather than pushed out to existing clients. Should you wish to update dotDefender, please contact Support.


Rate this Article:


Details
Category: Security

Last Modified:Monday, November 03, 2014 8:36 AM

Type: HOWTO

Level: Advanced

Rated 2 stars based on 2 votes.

Article has been viewed 12,734 times.

Options
Email Article Email Article


Social Bookmarks Social Bookmarks