All AppProtection profiles have a set of AppProtection controls that you can use to help you define how AppProtections are managed. To learn more, see About AppProtection Controls.

The WebSocket controls currently available in the Admin Portal are WebSocket predefined controls and WebSocket custom controls. WebSocket predefined controls are automatically populated in the portal. You can create WebSocket custom controls and use them within a new or existing AppProtection profile. Custom controls give you the flexibility to set and define the specific request and response elements (e.g., max fragments per message, max payload size, etc.) and the preferred action used to handle them.

WebSocket controls allow you to inspect your WebSocket protocol traffic. The data is sent from Private Applications to the application server or from the application server to Private Applications. The WebSocket TCP connection remains open until it is closed by either Private Applications, a client, or the application server.

The WebSocket predefined controls are organized into various categories:

• WebSocket Handshake Headers Check
• WebSocket Framing Errors
• Frame Type Verification
• Client Mask Bit Verification
• Server Unmask Bit Verification

To verify the handshake header values (i.e., Upgrade and Connection), leverage the existing HTTP custom controls.

About the WebSocket Controls Page

On the WebSocket Controls page (Policies > Cybersecurity > Inline Security > Protection Controls > WebSocket Controls), you can do the following:

1. Go to the ThreatLabZ Controls page to view the available predefined controls.
2. Go to the OWASP Predefined Controls page to view the available predefined controls.
3. Go to the Custom Controls page to view the available custom controls.
4. Expand all the rows in the table to see more information about each Websocket control.
5. Add a new WebSocket custom control.
6. View a list of all configured WebSocket controls:

• Control Number: A number to differentiate each WebSocket control. The table shows the controls in the order they were created, and the order cannot be changed. When expanded, the following information is displayed:
  • Description: An explanation of how the control works.
  • Paranoia Level: The associated level, which corresponds to the levels available in an AppProtection profile.
  • Used in AppProtection Profiles: The AppProtection profiles using the WebSocket control. Select an AppProtection profile if you want to edit it.
• Name: The name of the WebSocket control.
• Category: Whether the WebSocket control is a custom control or a predefined control.
• Severity: The level of security concern the WebSocket control has.
• Control Action: The action that is used for this WebSocket control.

7. Edit a WebSocket custom control.
8. Delete a custom control.

When a WebSocket control is in use by an AppProtection profile, it cannot be deleted.