
[WebappSecure/Mykonos] How to configure WebappSecure to protect multiple applications/webservers

[KB28842]


Summary:
This KB describes in detail how to protect multiple applications/webservers through WebappSecure (JWAS).
Symptoms:
Multiple webservers need to be protected through WebappSecure. As an example, this KB describes the steps to add the webservers “webappsecure.com” and “server.com”, which are hosted on different IP addresses.
Cause:

Solution:
WebappSecure can be configured to protect multiple backend applications/webservers. The steps below walk through the procedure:

1. On the WebappSecure WebUI, go to Configuration --> Applications and click “Add New Application” to create a new application.


2. Run the wizard, providing the required information in Step 1.

3. In Step 2, open the drop-down under “suggestions” and select the appropriate regex template; in this example, the second entry in the list is chosen. Click “Use Suggestion” to have the Host Regex field filled in automatically.


4. Modify the Host Regex to match the webserver or application name; this example uses the webserver “webappsecure.com”.


5. In Step 3, change the number of backend servers to 1 and click Next.

6. In Step 4, configure the backend webserver details, such as port and IP address, and complete the wizard.

7. Similarly, add another application, i.e., another webserver that needs to be protected.

8. Finally, the application page will look like this


9. Looking at the individual applications, we can see that each regex matches specifically the webserver's domain.




10. Make a change on the DNS server (or the load balancer, depending on the network topology) so that the webserver names resolve to the WebappSecure IP address. To validate, ping each backend server name; the response should come from the JWAS (WebappSecure) IP address. In this example, pings to www.server.com and www.webappsecure.com are answered from the JWAS IP 172.22.151.88.




11. Perform a quick test by accessing URLs such as http://www.server.com/.htpasswd and http://www.webappsecure.com/.htaccess, and confirm that incidents are triggered on the dashboard. If the user receives the fake .htaccess and .htpasswd files, the webservers are being reverse proxied by JWAS, i.e., they are being protected by JWAS.


12. Open the individual incidents and look at the incident details and the URL that triggered each incident. This shows that both webservers, which are hosted on different IP addresses, are being protected by JWAS.




NOTE:
- Define a global backend to ensure that any requests without the “host” header and/or that go to the bare IP will be serviced.
- Make sure to configure the host regex correctly for each application so that the right website is serviced and proxied.
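
The two notes above can be checked offline before a host regex is entered in the wizard. The following is an added example, not Juniper's code: it is a simplified model that assumes the Host header is matched with regex "search" semantics and that unmatched requests go to the global backend. The patterns, the `route`/`audit` helpers and the sample Host values are constructed for illustration; they are not the product's suggestion templates.

```python
import re

# Constructed patterns (assumption): LOOSE is unanchored with unescaped dots,
# STRICT is anchored, escapes the dots and allows an optional port.
LOOSE = {"webappsecure": r"webappsecure.com", "server": r"server.com"}
STRICT = {
    "webappsecure": r"^(www\.)?webappsecure\.com(:\d+)?$",
    "server": r"^(www\.)?server\.com(:\d+)?$",
}
GLOBAL_BACKEND = "global-backend"  # hypothetical label for the fallback backend


def route(host, apps):
    """Return the first application whose regex matches the Host value."""
    if not host:  # request without a Host header
        return GLOBAL_BACKEND
    value = host.strip().lower()
    for name, pattern in apps.items():
        if re.search(pattern, value):
            return name
    return GLOBAL_BACKEND  # bare IP or unknown name


def audit(apps, samples):
    """Return (host, expected, actual) for every sample that is misrouted."""
    results = [(host, expected, route(host, apps)) for host, expected in samples]
    return [r for r in results if r[1] != r[2]]


# Constructed Host header values with the application each should reach.
SAMPLES = [
    ("www.webappsecure.com", "webappsecure"),
    ("www.server.com", "server"),
    ("WWW.SERVER.COM:80", "server"),
    ("172.22.151.88", GLOBAL_BACKEND),                 # bare JWAS IP from step 10
    (None, GLOBAL_BACKEND),                            # no Host header
    ("www.myserver.com", GLOBAL_BACKEND),              # different site, same suffix
    ("webappsecure.com.example.net", GLOBAL_BACKEND),  # name used as a prefix
    ("webappsecureXcom", GLOBAL_BACKEND),              # unescaped dot matches any char
]

if __name__ == "__main__":
    for label, apps in (("loose", LOOSE), ("strict", STRICT)):
        print(label, audit(apps, SAMPLES))
```

The loose patterns send three unrelated Host values to a protected application, while the anchored patterns route every sample as expected.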
