@@ -655,11 +655,12 @@ claims['address'] = "{ \"address\": { .... } }" # JSON structs can be accessed u
655655
656656### Overview
657657
658- Brute force attacks are attempts to break in to secured areas of a web application by trying exhaustive,
658+ Brute force attacks are attempts to break in to secured areas of a web application by trying exhaustive,
659659systematic, username/password combinations to discover legitimate authentication credentials.
660- To prevent brute force attacks, Nginx App Protect (NAP) WAF tracks the number of failed attempts to reach login pages
661- with enforced brute force protection. When brute force patterns are detected,
662- the Nginx App Protect (NAP) WAF policy considers it to be an attack if the failed logins reached a maximum threshold.
660+ To prevent brute force attacks, WAF monitors both IP addresses and/or usernames and tracks the number of
661+ failed attempts to reach login pages with enforced brute force protection When brute force
662+ patterns are detected, the WAF policy considers it to be an attack if the failed login attempts
663+ reached a maximum threshold for a specific username or coming from a specific IP.
663664
664665### Brute force policy example
665666
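Review bot: line 661+ runs two sentences together ("...with enforced brute force protection When brute force patterns are detected"); a period is needed after "protection". On line 660+, "monitors both IP addresses and/or usernames" is self-contradictory ("both" versus "and/or"); suggest "monitors IP addresses and usernames and tracks the number of failed attempts...". On line 663+, "for a specific username or coming from a specific IP" would read better in parallel form, e.g. "for a specific username or from a specific source IP". Line 658 is removed and re-added with identical visible text, which looks like a whitespace-only change that could be dropped from the commit.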
@@ -788,7 +789,7 @@ policy:
788789 defined action will be applied when a brute force attack will be detected.
789790
790791 reEnableLoginAfter:
791- Defines prevention period (measured in seconds) for source-based brute force attacks.
792+ Defines prevention period (measured in seconds) for brute force attacks
792793
793794 sourceBasedProtectionDetectionPeriod:
794795 Defines detection period (measured in seconds) for source-based brute force attacks.
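Review bot: line 792+ drops the trailing period that the sibling descriptions in this list keep (for example line 794, "...for source-based brute force attacks."), so restore it. Since the overview now distinguishes username-based and source-based detection while `sourceBasedProtectionDetectionPeriod` stays source-based, it would help to say explicitly which cases `reEnableLoginAfter` covers, e.g. "Defines the prevention period (measured in seconds) for both username-based and source-based brute force attacks." if that is the intended behaviour.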
@@ -810,19 +811,20 @@ policy:
810811 This is the default setting.
811812
812813 - **form**: The web application uses a form to collect and authenticate user credentials. If using this option,
813- you also need to type the user name and password parameters written in the code of the HTML form.
814+ you also need to type the user name and password parameters names written in the code of the HTML form.
814815
815- - **http-basic**: The user name and password are transmitted in Base64 and stored on the server in plain text.
816+ - **http-basic**: The authentication is done using the HTTP basic authentication.
817+ The user name and password are transmitted in Base64 and stored on the server in plain text.
816818
817- - **http-digest**: The web server performs the authentication; user names and passwords
818- are not transmitted over the network, nor are they stored in plain text.
819819
820- - **ntlm**: Microsoft LAN Manager authentication (also called Integrated Windows Authentication)
821- does not transmit credentials in plain text, but requires a continuous TCP connection between the server and client.
820+ - **http-digest**: The authentication is done using the HTTP digest access authentication.
821+ The user names and passwords are not transmitted over the network, nor are they stored in plain text.
822+
823+ - **ntlm**: The authentication is done using the NTLM authentication.
822824
823825 - **ajax-or-json-request**: The web server uses JSON and AJAX requests to authenticate users
824826 trying to access the web application through the login URL.
825- For this option, you also need to type the name of the JSON element containing the user name and password.
827+ For this option, you also need to type the name of the JSON elements containing the user name and password.
826828
827829 usernameParameterName:
828830 A name of parameter which will contain username string.
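Review bot: line 814+ has a grammar slip, "user name and password parameters names"; suggest "the names of the user name and password parameters written in the code of the HTML form". Lines 816+, 820+ and 823+ repeat the wordy pattern "The authentication is done using the HTTP basic authentication" / "the NTLM authentication"; drop the articles, e.g. "Authentication uses HTTP Basic authentication" and "Authentication uses NTLM". On line 817+, the security description is misleading: Base64 is an encoding, not encryption, so Basic credentials are effectively sent in clear text unless TLS protects the connection, and whether they are "stored on the server in plain text" depends on the application's credential store rather than on the Basic scheme; consider "The user name and password are sent Base64-encoded, which is equivalent to plain text unless the connection uses TLS." The detail removed on line 821- (NTLM authenticating the TCP connection rather than each request) was useful operational context and is worth keeping in a shorter form.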