Notice Concerning Security Enhancements
Thank you for your continued patronage of our services.
LearningBOX will introduce WAF (Web Application Firewall) in the shared environment starting with the Ver2.19 release as part of security enhancement.
This announcement summarizes the concerns that have been raised since the WAF was introduced.
Reasons for implementing WAF
In recent years, cyber attack methods have become more sophisticated, and the time between the discovery of a vulnerability and an attack has become shorter.
In order to protect our customers' personal information and services from increasingly sophisticated cyber-attack threats, learningBOX has decided to implement WAF.
What is WAF?
WAF is a security tool to protect websites by detecting and preventing attacks that exploit web application vulnerabilities.
It protects services from attacks by blocking malicious requests before they reach the server.
How WAF works
WAF intervenes in communication between the access source and the web server and uses "signatures" to detect attacks and prevent unauthorized access. When WAF detects an attack, it intercepts the communication and logs it, while simultaneously sending a warning message to the access source on behalf of the web server. At the same time, it returns a warning message to the access source on behalf of the Web server.
General firewalls do not check the content of communications or even the method of communication. Any communication that passes through the system's port of entry will reach the web application, even if the content is malicious.
In addition, IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) detect unauthorized access using signatures similar to WAF, but their detection accuracy for unauthorized access to web applications is low and they cannot provide sufficient security measures.
WAF will be introduced from learningBOX [Ver2.19] in the shared environment
With the introduction of WAF, there is a possibility that the global IP address you are using may be determined to be blocked.
Countermeasures when 403Forbidden is displayed
If you receive a 403 Forbidden message on your browser, please wait a moment and try accessing the site again.
If you are accessing the site via a VPN or other means, accessing the site without a VPN may improve the situation.
- learningBOX upgraded to Ver. 2.19
- De-Exit Harassment! What the company should pay attention to during the handover
Comment ( 0 )
Trackbacks are closed.