Task 1: Onboard Application

Goal: Start protecting Juice Shop Application with FortiAppSec Cloud
Task: Onboard Application in FortiAppSec GUI
Verify task completion: Your Application will show up in the Application list.

Add Application

  1. Click on the WAF icon in the left menu bar, open the Applications view, and then click + ADD APPLICATION.


  2. Tab 1: “WEBSITE”

    • In Web Application Name enter your FortiAppSec Cloud Student ID number, which you used to log in to FortiAppSec Cloud (found at the top right corner of the FortiAppSec Cloud screen).
    Info

    For example, if your FortiAppSec Cloud User is CSEAccount669@fortinetcloud.onmicrosoft.com, your Student ID would be: 669

    • For Domain Name use <studentId>.fwebtraincse.com and then select Next
  3. Tab 2: Network

    • Clear “HTTP”, as we want to force users to interact with FortiAppSec using only HTTPS.
    • For IP Address or FQDN enter the JuiceShop Public IP (which is the Ubuntu VM Public IP from your Terraform Output)
    • For Port enter “3000”
    • Select HTTP for Server Protocol. This is Juice Shop and it is NOT secure.
    • Click on Test Origin Server. You should see a green box pop up that says “Test successfull”
    • Choose Next
  4. Tab 3: CDN

    No changes. You will notice the Selected WAF Region shows the Platform “AWS” and the Region. In your lab it may show a different platform and region.

    Info

    FortiAppSec Cloud automatically chooses the platform and region based on the IP Address of the application. There is no user intervention required.

    • Select Next
  5. Tab 4: “SETTING”

    • DO NOT enable Block Mode

    • Select Save

  6. Tab 5: “CHANGE DNS”

    We are presented with very important information regarding DNS settings which need to be changed in order to direct traffic to FortiAppSec Cloud. In this lab, we will not be doing this, as sometimes it can take a while for the DNS settings to propagate.

    Warning

    Before you close, take note of the IPv4 addresses and CNAME for use in a later step.

    • Select Close
  7. You should now see your Application listed in FortiAppSec Cloud. Note that the DNS Status is set to Update Pending. This is expected, and we will ignore it.


    Note

    If you need to recover the application IPs or CNAME later, you can click on the app’s DNS status, Update Pending, to show the DNS status and retrieve the IPs.

  8. Update Google DNS. Use the form provided below to update DNS records. Example:

    • Name : <studentId>.fwebtraincse.com
    • CNAME: <studentId>.fwebtraincse.P2928603258.fortiwebcloud.net
    • Click on Create DNS Record

    After a few minutes you should get a “DNS CNAME record created successfully” message.


    Create DNS CNAME Record

    Delete DNS CNAME Record

    ⚠️ Warning: This action cannot be undone. Make sure you enter the exact values of the record you want to delete.
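
Once the form reports the record as created, you can confirm from a terminal that the hostname's CNAME matches the value noted in Tab 5. The script below is an added example, not part of the original lab; the function names are hypothetical, and it assumes `dig` is installed and that the Student ID is the trailing digits of the login name, as in the example in step 2.

```shell
#!/usr/bin/env bash
# Added example (not from the lab): check that the onboarded hostname's
# CNAME points at the FortiAppSec Cloud target noted in Tab 5.

# Derive the Student ID from the login name (assumption: trailing digits
# of the part before "@", e.g. CSEAccount669@... -> 669).
student_id() {
    local user="${1%%@*}"               # drop everything from "@" onward
    printf '%s\n' "${user##*[!0-9]}"    # keep only the trailing digits
}

# Normalise a DNS name: lower-case it and strip the trailing root dot,
# since dig prints fully qualified names ("example.net.").
norm() {
    local n
    n=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    printf '%s\n' "${n%.}"
}

# cname_ok <observed> <expected>
# Succeeds only when a CNAME was returned and it matches exactly.
cname_ok() {
    [ -n "$1" ] && [ "$(norm "$1")" = "$(norm "$2")" ]
}

# check_dns <fqdn> <expected-cname>
# Live lookup; needs network access. An empty answer usually means the
# record has not propagated yet.
check_dns() {
    local got
    got=$(dig +short CNAME "$1" | head -n1)
    if cname_ok "$got" "$2"; then
        echo "OK: $1 -> $got"
    else
        echo "MISMATCH: $1 -> '${got:-no CNAME}', expected $2" >&2
        return 1
    fi
}

# Usage (replace both values with your own login and Tab 5 CNAME):
#   id=$(student_id 'CSEAccount669@fortinetcloud.onmicrosoft.com')
#   check_dns "$id.fwebtraincse.com" "$id.fwebtraincse.P2928603258.fortiwebcloud.net"
```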