From 086b7f44b4dcb941752a6dd7269ead5a0ff7e7c1 Mon Sep 17 00:00:00 2001 From: Ohad Perets Date: Mon, 10 Feb 2025 16:24:37 +0000 Subject: [PATCH 1/2] fix: some comments from PM --- content/nap-waf/v4/configuration-guide/configuration.md | 6 ++++-- content/nap-waf/v5/configuration-guide/configuration.md | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/content/nap-waf/v4/configuration-guide/configuration.md b/content/nap-waf/v4/configuration-guide/configuration.md index e96be795c..fd5e4e0bd 100644 --- a/content/nap-waf/v4/configuration-guide/configuration.md +++ b/content/nap-waf/v4/configuration-guide/configuration.md @@ -660,7 +660,8 @@ systematic, username/password combinations to discover legitimate authentication To prevent brute force attacks, NGINX App Protect WAF monitors IP addresses, usernames, and the number of failed login attempts beyond a maximum threshold. When brute force patterns are detected, the NGINX App Protect WAF policy either trigger an alarm or block the attack if the failed login attempts reached a maximum threshold for a specific username or coming from a specific IP address. -To enable brute force protection, at least one login page must be created. +To enable brute force protection, at least one login page must be created. +The login page entity is created separately and is not included in the brute force configuration block --- @@ -722,7 +723,8 @@ Example1: A single brute force configuration is applied universally to all login } ``` -Example2: Different brute force configurations can be defined for individual login pages. +Example2: Different brute force configurations can be defined for individual login pages. + with each configuration referencing a specific login page. ```json { "policy": { diff --git a/content/nap-waf/v5/configuration-guide/configuration.md b/content/nap-waf/v5/configuration-guide/configuration.md index 1121f7688..5cbb9a80e 100644 --- a/content/nap-waf/v5/configuration-guide/configuration.md +++ b/content/nap-waf/v5/configuration-guide/configuration.md @@ -798,7 +798,8 @@ systematic, username/password combinations to discover legitimate authentication To prevent brute force attacks, NGINX App Protect WAF monitors IP addresses, usernames, and the number of failed login attempts beyond a maximum threshold. When brute force patterns are detected, the NGINX App Protect WAF policy either trigger an alarm or block the attack if the failed login attempts reached a maximum threshold for a specific username or coming from a specific IP address. -To enable brute force protection, at least one login page must be created. +To enable brute force protection, at least one login page must be created. +The login page entity is created separately and is not included in the brute force configuration block --- @@ -861,7 +862,8 @@ Example1: A single brute force configuration is applied universally to all login } ``` -Example2: Different brute force configurations can be defined for individual login pages. +Example2: Different brute force configurations can be defined for individual login pages. + with each configuration referencing a specific login page. ```json { "policy": { From 2a3bc3c6eb1aa4cf51cd81510716596fe0ab3ec5 Mon Sep 17 00:00:00 2001 From: Ohad Perets Date: Mon, 10 Feb 2025 16:29:13 +0000 Subject: [PATCH 2/2] fix: some comments from PM --- content/nap-waf/v4/configuration-guide/configuration.md | 4 ++-- content/nap-waf/v5/configuration-guide/configuration.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/content/nap-waf/v4/configuration-guide/configuration.md b/content/nap-waf/v4/configuration-guide/configuration.md index fd5e4e0bd..3d834f392 100644 --- a/content/nap-waf/v4/configuration-guide/configuration.md +++ b/content/nap-waf/v4/configuration-guide/configuration.md @@ -661,7 +661,7 @@ To prevent brute force attacks, NGINX App Protect WAF monitors IP addresses, use When brute force patterns are detected, the NGINX App Protect WAF policy either trigger an alarm or block the attack if the failed login attempts reached a maximum threshold for a specific username or coming from a specific IP address. To enable brute force protection, at least one login page must be created. -The login page entity is created separately and is not included in the brute force configuration block +The login page entity is created separately and is not included in the brute force configuration block. --- @@ -724,7 +724,7 @@ Example1: A single brute force configuration is applied universally to all login ``` Example2: Different brute force configurations can be defined for individual login pages. - with each configuration referencing a specific login page. + With each configuration referencing a specific login page. ```json { "policy": { diff --git a/content/nap-waf/v5/configuration-guide/configuration.md b/content/nap-waf/v5/configuration-guide/configuration.md index 5cbb9a80e..f4c9ed13e 100644 --- a/content/nap-waf/v5/configuration-guide/configuration.md +++ b/content/nap-waf/v5/configuration-guide/configuration.md @@ -863,7 +863,7 @@ Example1: A single brute force configuration is applied universally to all login ``` Example2: Different brute force configurations can be defined for individual login pages. - with each configuration referencing a specific login page. + With each configuration referencing a specific login page. ```json { "policy": {