- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- CloudGuard - WAF
- :
- Re: AppSec generating blocks in a detect policy pl...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
AppSec generating blocks in a detect policy plus customize docker
Hello
Today I have received reports that AppSec is blocking content on a "Detect Only" policy. I can reproduce this behavior.
Unfortunately, I can't find any blocking events at all. When the incident occurs, I receive an ID. When I put the ID (e.g. 40a005c0-35e2-48f8-b19c-dc2c87f81686) in "All Events", I get nothing. I can't find a field for this event.
Am I missing something? How can I find this block? I have opened a case for the original problem.
Another question. I am using a Check Point Cloudguard AppSec GW running Docker:
IMAGE COMMAND CREATED STATUS PORTS NAMES
cp_nginx_gaia "/usr/bin/entrypoint.sh nginx -g 'daemon off;'" 2 days ago Up 2 days ago cp_nginx_gaia
This image comes with a preconfigured timeout for web requests of 60 seconds (NGINX default).
I would like to increase this limit to i.e. 300s. Is there any way to achieve this and make this change permanent?
Cheers Christoph
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please open a TAC case: https://help.checkpoint.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey Yuval
The block was solved by a ticket and by you:)
The advanced dialog looks exactly as the information I was looking for. Thank you very much.
Best regards
Christoph