Basic web protection is a firewall that will protect your resource from attacks related to the following vulnerabilities:
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access control
- Security misconfigurations
- Cross Site Scripting (XSS)
- Insecure Deserialization
- Using Components with known vulnerabilitiesInsufficient logging and monitoring
The option is free. In the free version, you cannot customize rules for basic web protection and the number of protected requests may be limited for the resource. You can enable it in the resource settings in the "Web Protection" section.
There is also a paid version of web protection with customizable rules and unlimited requests. To activate it, contact a manager or technical support.