AQTRONIX WebKnight – Open Source Web Application Firewall

Webknight web application firewall   I found out today about AQTRONIX WebKnight, an open source alternative to Microsoft’s URLScan and I’m curious to see if anybody has used it and what were the results.

AQTRONIX WebKnight is an application firewall for IIS and other web servers and is released under the GNU General Public License.

More particularly it is an ISAPI filter that secures your web server by blocking certain requests. If an alert is triggered WebKnight will take over and protect the web server. It does this by scanning all requests and processing them based on filter rules, set by the administrator.

These rules are not based on a database of attack signatures that require regular updates. Instead WebKnight uses security filters as buffer overflow, SQL injection, directory traversal, character encoding and other attacks. This way WebKnight can protect your server against all known and unknown attacks.

Because WebKnight is an ISAPI filter it has the advantage of working closely with the web server, this way it can do more than other firewalls and intrusion detection systems, like scanning encrypted traffic.

My first thought was how does this product relates to URLScan and the FAQ entry states:

Is WebKnight meant to be a complete alternative to IISLockDown and URLScan?
It is meant as an alternative to URLScan, not IISLockDown, because this last one does things an ISAPI filter cannot do. As for URLScan, all of its functionality is implemented in WebKnight. I’ve seen WebKnight blocking malicious requests URLScan didn’t block.

As always, I invite you to download AQTRONIX WebKnight and give it a spin.

 



Thank you for reading this post. You can now Read Comments (7) or Leave A Trackback. Print This Post Print This Post

7 Responses to “AQTRONIX WebKnight – Open Source Web Application Firewall

  • 1
    marcus
    July 15th, 2008 06:50

    I absolutely hate webknight! For no reason at all it has blocked me, and some of my friends from visiting Games Workshops various homepages. When I try to make contact to enquire why I`ve been blocked the only thing that happens is that some lame game pops up. This is very frustrating because Games Workshop products is my and my friends hobby, and we (used to) buy their products online. It´s a very poor service that blocks customers from visiting and shopping. You could at least make it simpler to notify you when your programs cause problems.

  • 2
    michael
    February 12th, 2009 09:33

    what can i do about this to geti am attempting to access my city’s website so that i may pay my water bill but i am now unable to access the website because of the webknight firewall application saying that My request has returned an invalid connection:

    WebKnight Application Firewall Alert

    Your request triggered an alert! If you feel that you have received this page in error, please contact the administrator of this web site.

    ——————————————————————————–

    What is WebKnight?
    AQTRONIX WebKnight is an application firewall for web servers and is released under the GNU General Public License. It is an ISAPI filter for securing web servers by blocking certain requests. If an alert is triggered WebKnight will take over and protect the web server.

    ——————————————————————————–

    For more information on WebKnight: http://www.aqtronix.com/WebKnight/

    AQTRONIX WebKnight

  • 3
    Dragos Lungu
    February 13th, 2009 10:53

    @michael

    I’m affraid this is not the first complaint I get about Webknight even though I’m not it’s author 🙂 . As this tool is deployed on webservers, you will have to contact the city’s IT staff and report the malfunction.

  • 4
    George
    March 19th, 2009 02:02

    WebKnight does a very good job on my web site (IIS6/x64). It has loads of config options. So if you do not check carefully ❗ you are likely to lock out to many users. However, if you configure it properly it is really great! ❗

  • 5
    dgonzalez
    May 20th, 2009 12:16

    Hi George

    If I understood correctly, you installed WEBKNIGHT on Windows Server 64bit with IIS? Is correct?

    I have been trying to find more/substantial documentation, as it is not working for me on Windows Server with IIS.

    Any info you can provide would be greatly appriciated.

    Thank you

  • 6
    Jacob Karma
    September 3rd, 2009 08:42

    I have seen webknight used to protect our server and we switched it off after it caused some wanted traffic to be denied. There was no difference for us if it was on or not – I guess we didn’t need it. Neverthless it looks like a very good program, but difficult to configure.

  • 7
    Craig
    November 18th, 2011 11:51

    Hi 
    Some reason this webKnight has blocked my website http://www.indigodistribution.ie/product-specific.aspx?title=Multiroom%20AV
    its on safari browser and it totally @@@@ing me off, any idea of who i have to contact to fix this? or remove form this stupid thing..
    Please help asap
     
    Many thanks 
    Craig


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge