Skip to main content

Getting Started with Cloud APIM WebShield

Welcome to Cloud APIM WebShield! This tutorial will help you quickly set up and configure WebShield for your web application or API, ensuring enhanced protection with just a few steps.

1. Create Your First WebShield Project

Head to WebShield Project Creation and start your first project.

Follow the prompts to name your project and get it ready for configuration.

2. Integrate WebShield with a Cloud APIM Service (Optional)

If you're connecting WebShield to an existing Cloud APIM service, follow the instructions in this tutorial to ensure seamless integration.

3. Configure Your Backend

This configuration tells WebShield which web app or API it needs to protect.

Navigate to: Go to the Firewall Settings tab, and select Backend Configuration.

Enter Backend URL: Add the URL of the backend (your API or web app) to secure.

Set TLS (if applicable):

If using TLS: Leave port 443 as default and check the "TLS enabled" box.

If not using TLS: Uncheck the "TLS enabled" box and update the port if necessary.

By default, the port is set to 443 for TLS; however, you can specify another port if needed.

4. Configure Your Firewall Rules

Customizing your firewall settings enables WebShield to guard against potential threats.

Navigate to: Within Firewall Settings, select Firewall Configuration.

Add Security Rules: Write your firewall rules using Coraza Rules.

For basic protection, you can use the recommended configuration:

Include @recommended-conf,
Include @crs-setup-conf,
Include @owasp_crs/*.conf,
SecRuleEngine On