Skip to content

Setting up applications

If your company has several applications, you may find it convenient not only to view the statistics of the entire company's traffic but also to view the statistics separately for each application. To separate traffic by the applications, you can use the "application" entity in the Wallarm system.

Using applications enables you to:

For Wallarm to identify your applications, it is required to assign them unique identifiers via the appropriate directive in the node configuration. Identifiers can be set for both the application domains and the domain paths.

By default, Wallarm considers each application to be the default application with the identifier (ID) -1.

Adding an application

  1. (Optional) Add an application in Wallarm Console → Settings → Applications.

    Adding an application

    Administrator access

    Only users with the Administrator role can access the section Settings → Applications.

  2. Assign an application the unique ID in the node configuration via:

    • The directive wallarm_application if Wallarm is installed as NGINX module, cloud marketplace image, NGINX-based Docker container with a mounted configuration file, sidecar container.
    • The environment variable WALLARM_APPLICATION if Wallarm is installed as NGINX-based Docker container.
    • The Ingress annotation wallarm-application if Wallarm is installed as the Ingress controller.
    • The parameter application if Wallarm is installed as Envoy-based Docker container with a mounted configuration file.
    • For Native Node all-in-one installer and Docker image, use the route_config.wallarm_application parameter.
    • For Native Node Helm chart, use the config.connector.route_config.wallarm_application parameter.
    • The application configuration in the Edge inline or connector setup window.

    The value can be a positive integer except for 0.

    If an application with a specified ID is not added in Wallarm Console → Settings → Applications, it will be added to the list automatically. The application name will be generated automatically based on the specified identifier (e.g. Application #1 for the application with the ID -1). The name can be changed via Wallarm Console later.

If the application is properly configured, its name will be displayed in the details of attacks aimed at this application. To test the application configuration, you can send the test attack to the application address.

Automatic application identification

You can configure an automatic application identification on the base of:

  • Specific request headers

  • Specific request header or part of URLs using map NGINX directive

NGINX only

Listed approaches are applicable only for NGINX-based self-hosted node deployments.

Application identification on base of specific request headers

This approach includes two steps:

  1. Configure your network so that the header with application ID is added to each request.

  2. Use value of this header as value for the wallarm_application directive. See example below.

Example of the NGINX configuration file:

server {
    listen       80;
    server_name  example.com;
    wallarm_mode block;
    wallarm_application $http_custom_id;

    location / {
        proxy_pass      http://upstream1:8080;
    }
}    

Attack request example:

curl -H "Cookie: SESSID='UNION SELECT SLEEP(5)-- -" -H "CUSTOM-ID: 222" http://example.com

This request will:

  • Be considered an attack and added to the Attacks section.

  • Be associated with application with ID 222.

  • If the corresponding application does not exist, it will be added to the SettingsApplications and automatically named Application #222.

Adding an application on the base of header request

Application identification on base of specific request header or part of URLs using map NGINX directive

You can add the applications on the base of specific request header or part of endpoint URLs, using the map NGINX directive. See detailed description of the directive in the NGINX documentation.

Deleting an application

To delete the application from the Wallarm system, delete an appropriate directive from the node configuration file. If the application is only deleted from the SettingsApplications section, it will be restored in the list.