Applies To:Show Versions
BIG-IQ Centralized Management
Managing Web Application Security Policies
Using Web Application Security policies to improve application protection
Create a Web Application Security policy
- Go toThe screen displays your protected objects, and provides summary data, based on the selected time settings. To change the scope of the time settings, use the control to the top left of the screen.
- ClickCreateand selectPolicy.
- Specify the following information about the new Web Application Security policy:
- Type theName(required) of the security policy.
- Specify thePartition(required) to which the security policy belongs.Only users with access to a partition can view the objects that it contains. If the security policy resides in theCommonpartition, all users can access it.
- ForApplication Language, select the language encoding (required) for the web application, which determines how the security policy processes the character sets.The default language encoding determines the default character sets for URLs, parameter names, and parameter values.
- ForEnforcement Mode, specify whether blocking is active or inactive for the security policy.You can enable or disable blocking for individual violations in the subsequent tables of settings and properties. Iftransparentappears, blocking is disabled for the security policy. This disables blocking for all options, and the check boxes to enable blocking are unavailable.
- When you are finished editing General Properties, clickSave.This makes the remaining policy objects available for editing.
- Click the options in the list to the left to configure addition properties to your policy.
- ClickSaveto save the modifications to each policy property.
- ClickSave & Closewhen you are finished editing.