You are here

Home › Client Fingerprinting configuration

Client Fingerprinting configuration

Submitted on 1. March 2013 - 11:20 by ahostett.
Last update on 14. June 2022 - 13:56.
Affects product: 
Airlock WAF

Client fingerprinting is a technology invented, implemented and documented by Ergon Informatik AG, to increase security. This feature enables the detection and prevention of session hijacking attempts.
Once client fingerprinting is enabled, Airlock administrators are able to penalise a user session with penalty points, depending on the configured client fingerprinting rule. Such a rule defines if and with how many penalty points are imposed on a user session when a user-agent header changes or an IP address alters. The administrator must configure a different rule for various types of Web application functionality. An action is also configured for each Web application, which defines what happens when the different thresholds are reached (log only, inform back-end about possible session hijacking, block request or terminate user’s session). Client fingerprinting is highly flexible, can be customised and configured and increases Web application security with only a few settings. For more information download the document.

AttachmentSize
PDF icon Airlock_Client_Fingerprinting_Manual_1.3.pdf876.21 KB
PDF icon Airlock_Client_Fingerprinting_Manual_1.2.pdf356.36 KB
PDF icon Airlock_Client_Fingerprinting_Manual_1.1.pdf327.57 KB
PDF icon Airlock_Client_Fingerprinting_Manual_1.0.pdf304.96 KB
Knowledge Base Categories: 
Installation
Configuration
© Ergon Informatik AG