Create and configure Web Application Firewall (WAF) in Oracle Cloud (OCI) for Public site

Create and configure Web Application Firewall (WAF) in Oracle Cloud (OCI) for  Public sites

1.      1.Login to OCI with administrator credential 

1.      2.Click Web Application Firewall by navigating “Identity & Security” in the OCI Admin portal

1.      3.Click create new WAF policy in the Web application Firewall page

1.      4.In the “Create WAF policy “page, Click “Use legacy workflow here if you need to secure your non-OCI web applications”

1.      5.In the “Create Edge Policy” provide the below details and  then click Create Edge Policy

Name:  name of the WAF Edge Policy

WAF Policy Compartment:  Select your Compartment

Primary Domain: provide your public domain FQDN

Origin Name: Name of your Source

Origin URI: Source of your application public FQDN. Ex: SharePoint public URL, Load balancer URL, API Gateway URL, API Application, IIS site URL etc.

6. Enable HTTPS in WAF by Importing Public Certificate

Convert your public certificate, Private Key and intermediate key in PEM format before enabling HTTPS in WAF.

  6a.Click Edit in the General Settings in WAF to Enable HTTPS and to import certificate

6b. In the Edit Settings page, Select “Enable HTTPS Support” 

6c.In the Edit setting page, choose “Upload or paste certificate and private key” under certificate Source

6d.Choose Text as “upload certificate Source” and “Upload private key Source”. In the certificate text editor section, paste your certificate content and intermediate certificate content one by one and paste your private key content in the private key text editor section from your PEM format files.

6e. Save your changes and publish the WAF.

7. Create the CNAME record as per in the WAF in your public domain control panel.