Browse again to the Arcadia web app and verify that it is still working.
Let’s simulate a Cross Site Scripting (XSS) attack, and make sure it’s blocked:
Each of the blocked requests will generate a support ID, save it for later.
Here, you’ll see all the request logs, allowed and blocked, sent by the Nginx WAF to ELK.
Let’s look for the reason why our attack requests were blocked.
In the right side of the panel, you can see the full request log and the reason why it was blocked.