Overview

Integrating Strivacity with a Web Application Firewall (WAF) involves specific configurations on both the Strivacity and application side. These configurations enable secure, scalable, and efficient operation, respecting both security requirements and brand customization constraints.

Configuration steps

Domain configuration

• Contact Strivacity customer support to receive a domain with an SSL certificate that will be used to route traffic from the WAF to this domain. This is the domain that the WAF will point to.
• No Name Service (NS) Domain change is needed, as the WAF takes ownership of the domain not Strivacity.
• If supporting multiple domains, those should be configured in the WAF and point to the same Strivacity provided domain. Configuring additional domains still requires Strivacity customer support to configure the product instance to expect traffic from those domains
• Configure the WAF to add the end user's IP from the X-Forwarded-For (XFF) header.
• Be sure to maintain the original host header.

Email delivery configuration

Strivacity must be configured to use your own brand's SMTP server for outbound email.

• Configure your SMTP server details in Strivacity Email configuration
• Verify email deliverability from Strivacity using your SMTP configuration.