Support
Types of Reports

ModSecurity WAF Rules Report

This document is for:
Invicti Standard, Invicti Enterprise On-Premises, Invicti Enterprise On-Demand

Invicti scans your system to identify vulnerabilities that may have a critical or high severity level. If you cannot fix these vulnerabilities immediately, attackers can exploit them and take control of your website. Invicti helps prevent attackers from exploiting these vulnerable URLs in your system by allowing you to export rules for ModSecurity Web Application Firewall (WAF).

By generating Invicti’s findings as ModSecurity WAF Rules:

  • You can immediately block requests to a resource if the requests contain malicious payloads that would exploit it
  • Developers gain time in fixing these vulnerable points.
  • Your system remains secure until a fix is found and patched

Please note that you cannot cover all security flaws by blocking access to a specific resource using a web application firewall. For example, application source code disclosure cannot be exported as an F5 BIG-IP WAF rule.

Both Invicti products allow the export of scan results as ModSecurity WAF Rules.

For further information, see Overview of Reports, Report Templates, Built-In Reports and Web Application Firewalls.

How to Generate a ModSecurity WAF Rules Report in Invicti Enterprise
  1. Log in to Invicti Enterprise.
  2. From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.
  3. Next to the relevant report, click Report. The Scan Summary window is displayed.
  4. Click Export. The Export Report dialog is displayed.
  1. From the Report dropdown, select ModSecurity WAF Rules.
  1. From the Format drop-down, select an option.
  2. Click Export. You can view the report in the Save location.
How to Generate a ModSecurity WAF Rules Report in Invicti Standard
  1. Open Invicti Standard.
  1. From the Reporting tab, click the ModSecurity WAF Rules. The Save Report As dialog box is displayed.
  1. Select a save location and click Save.
  2. The Export Report dialog is also displayed at this point, with the Path field already populated from the previous dialog.
  1. From this Export Report dialog, you can decide on:
  • Policy: Select the default policy or customized policy report(s) (see Custom Report Policies).
  • Vulnerability Options: Select all or any options below:
    • Export Confirmed: When selected, the report will include confirmed vulnerabilities.
    • Export Unconfirmed: When selected, the report will also include unconfirmed vulnerabilities.
    • Export All Variations: Variations mean that if Invicti identified some passive or information level issues in more than one page, it does not show all these variations. However, users can change this by enabling or disabling this option.
  • Header and Footer
    • Enter relevant information that will appear in the header and footer section of the report.
  • Open Generated Report: When selected, your report(s) is generated when you click Save.
  1. Click Save.