Walter.Web.Firewall.Core.3.x
2020.9.9.2
Prefix Reserved
Use the latest Package from Walter.Web.FireWall in your project
dotnet add package Walter.Web.Firewall.Core.3.x --version 2020.9.9.2
NuGet\Install-Package Walter.Web.Firewall.Core.3.x -Version 2020.9.9.2
<PackageReference Include="Walter.Web.Firewall.Core.3.x" Version="2020.9.9.2" />
paket add Walter.Web.Firewall.Core.3.x --version 2020.9.9.2
#r "nuget: Walter.Web.Firewall.Core.3.x, 2020.9.9.2"
// Install Walter.Web.Firewall.Core.3.x as a Cake Addin #addin nuget:?package=Walter.Web.Firewall.Core.3.x&version=2020.9.9.2 // Install Walter.Web.Firewall.Core.3.x as a Cake Tool #tool nuget:?package=Walter.Web.Firewall.Core.3.x&version=2020.9.9.2
This package allows you to protect your firewall using annotations and pre-specified rules. A full getting started document is available at www.asp-waf.com in form of a PDF, compiled help and simple instructions
The bellow sample shows how you integrate and enable the firewall in your project.
services.AddFireWall(FireWallTrail.License, FireWallTrail.DomainKey
, domainName: new Uri("https://www.your-domain.com", UriKind.Absolute)
, options =>
{
options.Cypher.ApplicationPassword = "123456$even";
options.ApplicationName = "Name as used for reporting";
options.ApplicationTag = "ITIL Tag";
options.Rules.BlockRequest.BlockDuration.SlideExpiration = true;
options.Rules.BlockRequest.BlockDuration.Expires = TimeSpan.FromSeconds(10);
//used by JavaScript in the browser
options.WebServices.IsUserApiUrl = new Uri(Links.IsUserEndpoint, UriKind.Relative);
options.WebServices.RegisterLinksApiUrl = new Uri(Links.SiteMapEndPoint, UriKind.Relative);
options.WebServices.BeaconApiUrl = new Uri(Links.BeaconPoint, UriKind.Relative);
});
//protect each MVC controller
services.AddMvc(options =>
options.Filters.Add<Walter.Web.FireWall.Filters.FireWallFilter>()
);
The firewall is fully configurable and has quite a few options that allow you to protect against fishing, scrubbing, cross-site attach and much more.
There are a ton of configuration options available using the many annotations
namespace MyProject.Controllers
{
using Walter.Web.FireWall;
using Walter.Web.FireWall.Annotations;
using Walter.BOM.Geo;
[Geo(blockLocation: GeoLocation.AFRICA | GeoLocation.LATIN_AMERICA | GeoLocation.Netherlands)]
[Users(users: UserTypes.IsHuman | UserTypes.IsSearchEngine)]
[BlockDuration(duration: 60, sliding: true, doubleDurationPerIncedent: true)]
public sealed class MembersController : Controller
{
private readonly ILogger<MembersController> _logger;
private readonly IPageRequest _page;
public HomeController(ILogger<MembersController> logger,IPageRequest page)
{
_logger = logger;
_page=page;
}
public IActionResult Index()
{
return View();
}
[Ignore]
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
//the page field will contain all the errors the user ran into
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
}
}
This is just a small set of options of what's possible
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp3.0 is compatible. netcoreapp3.1 is compatible. |
| .NET Standard | netstandard2.1 is compatible. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETCoreApp 3.0
- Microsoft.AspNetCore.Http.Features (>= 3.1.8)
- Microsoft.AspNetCore.Mvc.Core (>= 2.2.5)
- Microsoft.AspNetCore.Mvc.RazorPages (>= 2.2.5)
- Microsoft.AspNetCore.Routing (>= 2.2.2)
- Microsoft.Extensions.Caching.Abstractions (>= 3.1.8)
- Microsoft.Extensions.Configuration.Binder (>= 3.1.8)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.1.8)
- Microsoft.Extensions.FileProviders.Physical (>= 3.1.8)
- Microsoft.Extensions.Identity.Core (>= 3.1.8)
- Microsoft.Extensions.Logging.Abstractions (>= 3.1.8)
- Newtonsoft.Json (>= 12.0.3)
- System.Configuration.ConfigurationManager (>= 4.7.0)
- Walter (>= 2020.9.8)
- Walter.BOM (>= 2020.9.9.2)
- Walter.Cypher (>= 2020.9.8)
- Walter.Net.LookWhosTalking (>= 2020.9.9.2)
- Walter.Net.Networking (>= 2020.9.9.2)
- Walter.Web.FireWall.SqlDataTools (>= 2020.9.9.2)
-
.NETCoreApp 3.1
- Microsoft.AspNetCore.Http.Features (>= 3.1.8)
- Microsoft.AspNetCore.Mvc.Core (>= 2.2.5)
- Microsoft.AspNetCore.Mvc.RazorPages (>= 2.2.5)
- Microsoft.AspNetCore.Routing (>= 2.2.2)
- Microsoft.Extensions.Caching.Abstractions (>= 3.1.8)
- Microsoft.Extensions.Configuration.Binder (>= 3.1.8)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.1.8)
- Microsoft.Extensions.FileProviders.Physical (>= 3.1.8)
- Microsoft.Extensions.Identity.Core (>= 3.1.8)
- Microsoft.Extensions.Logging.Abstractions (>= 3.1.8)
- Newtonsoft.Json (>= 12.0.3)
- System.Configuration.ConfigurationManager (>= 4.7.0)
- Walter (>= 2020.9.8)
- Walter.BOM (>= 2020.9.9.2)
- Walter.Cypher (>= 2020.9.8)
- Walter.Net.LookWhosTalking (>= 2020.9.9.2)
- Walter.Net.Networking (>= 2020.9.9.2)
- Walter.Web.FireWall.SqlDataTools (>= 2020.9.9.2)
-
.NETStandard 2.1
- Microsoft.AspNetCore.Http.Features (>= 3.1.8)
- Microsoft.AspNetCore.Mvc.Core (>= 2.2.5)
- Microsoft.AspNetCore.Mvc.RazorPages (>= 2.2.5)
- Microsoft.AspNetCore.Routing (>= 2.2.2)
- Microsoft.Extensions.Caching.Abstractions (>= 3.1.8)
- Microsoft.Extensions.Configuration.Binder (>= 3.1.8)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.1.8)
- Microsoft.Extensions.FileProviders.Physical (>= 3.1.8)
- Microsoft.Extensions.Identity.Core (>= 3.1.8)
- Microsoft.Extensions.Logging.Abstractions (>= 3.1.8)
- Newtonsoft.Json (>= 12.0.3)
- System.Configuration.ConfigurationManager (>= 4.7.0)
- Walter (>= 2020.9.8)
- Walter.BOM (>= 2020.9.9.2)
- Walter.Cypher (>= 2020.9.8)
- Walter.Net.LookWhosTalking (>= 2020.9.9.2)
- Walter.Net.Networking (>= 2020.9.9.2)
- Walter.Web.FireWall.SqlDataTools (>= 2020.9.9.2)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|
09 September 2020
1. Add access to Rules class for advanced configuration before rule engine uses it to generated default rules
https://firewallapi.asp-waf.com/?topic=html/Events.T-Walter.Web.FireWall.IFireWallConfig.htm
2. Add access to RuleEngine configuration for runtime PEN scripts detection by making RulesConfig.BlockedPatterns Property public
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.RulesConfig.BlockedPatterns.htm
3. Update documentation and sample documentation in on-line help and manual
https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf
4. Fix issue where sometimes a user gets rejected for being in the wrong group without having a filter defined.
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.RulesConfig.RejectUsersByDefault.htm
08 September 2020
1. Add OnRootPageRequestDisposed and OnResourceSend event to FireWallBase class as well as IFireWall interface
Methods allow for post processing in proprietary projects
https://firewallapi.asp-waf.com/?topic=html/Events.T-Walter.Web.FireWall.FireWallBase.htm
2. Provide access to default rules for UrlValidationPatterns
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.RulesConfig.BlockedPatterns.htm
2. Fix bug where sometimes users would be blocked as no user rule was defined
06 September 2020
1. update documentation
2. Update terms
3. Update NuGet package references
04 September 2020
1. update documentation
2. Add manual blocking on event
03 September 2020
1. Add events for firewall management
https://firewallapi.asp-waf.com/?topic=html/Events.T-Walter.Web.FireWall.IFireWall.htm
2. Add method for using custom IFireWall implementation using base class
https://firewallapi.asp-waf.com/?topic=html/M-Walter.Web.FireWall.FireWallBase.-ctor.htm
27 August 2020
1. Update License test for machine name in URL allowing it as a valid local licensed domain as LocalHost
2. Update documentation
3. Save incidents to disk in clear json format making it easier to validate blocking incidents
4. Show RuleId and ViolationId in Page if triggered and enabled
26 August 2020
1. Export FireWall base to the framework for custom implementation of IFireWall
22 August 2020
1. Alter default cookie names
2. Set CRF token settings based on firewall settings
3. update text report to associate fictitious user nr to incident details