index.xml

<?xml version="1.0" encoding="utf-8" standalone="yes" ?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Janusec Application Gateway - Application Security Solution on Janusec</title>
    <link>https://janusec.github.io/</link>
    <description>Recent content in Janusec Application Gateway - Application Security Solution on Janusec</description>
    <generator>Hugo -- gohugo.io</generator>
    <language>en-us</language>
    <lastBuildDate>Fri, 11 May 2018 21:03:34 +0800</lastBuildDate>
    
	<atom:link href="https://janusec.github.io/index.xml" rel="self" type="application/rss+xml" />
    
    
    <item>
      <title>Download</title>
      <link>https://janusec.github.io/dl/</link>
      <pubDate>Thu, 24 May 2018 20:37:42 +0800</pubDate>
      
      <guid>https://janusec.github.io/dl/</guid>
      <description>Download Janusec Application Gateway    Type Requirements Download     Binary Release CentOS/RHEL 7 or Debian 9, with systemd 0.9.4   Source Code Linux with systemd Github    Console  wget https://www.janusec.com/download/janusec-latest.tar.gz
 WebCruiser Web Vulnerability Scanner WebCruiser Web Vulnerability Scanner Introduction
Requirements  Platform: Windows 7/8/10
 .Net Framework 4.5+, IE 9+
  Download    Platform Download     Windows Desktop WebCruiser Web Vulnerability Scanner Free Edition 3.</description>
    </item>
    
    <item>
      <title>Quick Start</title>
      <link>https://janusec.github.io/documentation/quick-start/</link>
      <pubDate>Thu, 17 May 2018 22:28:32 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/quick-start/</guid>
      <description>Quick Start 快速入门中文版
This document will guide you to install a Single-Node Janusec Application Gateway.
Requirements    Role Operating System Database     Master Node CentOS/RHEL 7, or Debian 9, x86_64, with systemd PostgreSQL 9.3 / 9.4 / 9.5 / 9.6 / 10   Slave Node CentOS/RHEL 7, or Debian 9, x86_64, with systemd Not required    Installation Step 1: Download  $cd ~</description>
    </item>
    
    <item>
      <title>快速入门</title>
      <link>https://janusec.github.io/cn/quick-start/</link>
      <pubDate>Thu, 17 May 2018 22:28:32 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/quick-start/</guid>
      <description>快速入门 Switch to English Edition of Quick Start
本入门指导将安装一个单节点（主节点）的Janusec应用网关（网关WAF）.
安装需求    节点 操作系统 数据库     主节点 CentOS/RHEL 7, 或 Debian 9, x86_64, 使用 systemd PostgreSQL 9.3 / 9.4 / 9.5 / 9.6 / 10   从节点 CentOS/RHEL 7, 或 Debian 9, x86_64, 使用 systemd 不需要    本入门只安装一个主节点，不安装从节点，如需扩展，可参考安装一节。
安装 步骤 1: 下载  $cd ~
$wget https://www.janusec.com/download/janusec-latest.tar.gz
$tar zxf ./janusec-latest.tar.gz
 步骤 2: 安装 请切换到root用户并运行 install.</description>
    </item>
    
    <item>
      <title>Janusec Application Gateway</title>
      <link>https://janusec.github.io/product/janusec-application-gateway/</link>
      <pubDate>Fri, 11 May 2018 20:58:57 +0800</pubDate>
      
      <guid>https://janusec.github.io/product/janusec-application-gateway/</guid>
      <description>Janusec Application Gateway, an application security solutions for public cloud, private cloud, and traditional IDC, which provides web routing, load balancing, and web application firewall. With Janusec, you can build secure and scalable applications.
Janusec Application Gateway Introduction PDF
Key Features:  Web Application Firewall ( HTTPS support, No Agent Required )
 Unified Web Administration
 Certificate Protection (Encryption) Scalable Architecture with Load Balance
  Make Defense Simple  SQL Injection</description>
    </item>
    
    <item>
      <title>Introduction</title>
      <link>https://janusec.github.io/documentation/introduction/</link>
      <pubDate>Sat, 12 May 2018 08:10:40 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/introduction/</guid>
      <description>Introduction Janusec Application Gateway, an application security solutions for public cloud, private cloud, and traditional IDC, which provides web routing, load balancing, and web application firewall. With Janusec, you can build secure and scalable applications.
Janusec Application Gateway Introduction PDF
Features:  Web Application Firewall ( HTTPS support, No Agent Required )
 Load Balance Encrypted Certificates Manager Mater and Slave Nodes Supported  Make Defense Simple  SQL Injection</description>
    </item>
    
    <item>
      <title>产品介绍</title>
      <link>https://janusec.github.io/cn/introduction/</link>
      <pubDate>Sat, 12 May 2018 08:10:40 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/introduction/</guid>
      <description> 产品介绍 Janusec应用网关，一种适用于各种场景（公有云、私有云、传统IDC等）的应用安全解决方案，提供Web路由、负载均衡、WAF（Web应用防火墙）等功能，可用于构建安全的、可扩展的应用。
Janusec Application Gateway Introduction PDF
产品特点:  WAF (Web Application Firewall, Web应用防火墙，天然支持HTTPS且不需要Agent )
 统一的Web化管理
 证书加密保护
 负载均衡（可扩展的部署架构）
  让防御更简单  SQL注入
 跨站脚本
 敏感数据泄露 CC攻击 阻断（Block）、验证码（Captcha）等多种策略 支持多个检查点的组合策略
  让管理更简单  统一的Web化管理中心
  架构可扩展  多网关节点支持
 自动化策略同步
  证书保护  私钥加密存储
 只在内存使用
  </description>
    </item>
    
    <item>
      <title>WebCruiser Web Vulnerability Scanner</title>
      <link>https://janusec.github.io/product/webcruiser-web-vulnerability-scanner/</link>
      <pubDate>Fri, 11 May 2018 20:58:57 +0800</pubDate>
      
      <guid>https://janusec.github.io/product/webcruiser-web-vulnerability-scanner/</guid>
      <description>WebCruiser Web Vulnerability Scanner, an effective and powerful web penetration testing tool that will aid you in auditing your website!
It can support scanning website as well as POC (Proof of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, Local File Inclusion, Remote File Inclusion, Redirect etc.
The most typical feature of WebCruiser comparing with other Web Vulnerability Scanners is that WebCruiser Web Vulnerability Scanner focuses on high risk vulnerabilities, and WebCruiser can scan a designated vulnerability type, or a designated URL, or a designated page separately, while the others usually will not.</description>
    </item>
    
    <item>
      <title>Installation</title>
      <link>https://janusec.github.io/documentation/installation/</link>
      <pubDate>Sat, 19 May 2018 10:11:09 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/installation/</guid>
      <description>Installation Requirements    Role Operating System Database     Master Node CentOS/RHEL 7, or Debian 9, x86_64, with systemd PostgreSQL 9.3 / 9.4 / 9.5 / 9.6 / 10   Slave Node CentOS/RHEL 7, or Debian 9, x86_64, with systemd Not required    Step 1: Download  $cd ~
$wget https://www.janusec.com/download/janusec-latest.tar.gz
$tar zxf ./janusec-latest.tar.gz
 Step 2: Install Switch to root and run install.</description>
    </item>
    
    <item>
      <title>安装</title>
      <link>https://janusec.github.io/cn/installation/</link>
      <pubDate>Sat, 19 May 2018 10:11:09 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/installation/</guid>
      <description>安装 需求    节点 操作系统 数据库     主节点 CentOS/RHEL 7, 或 Debian 9, x86_64, 使用 systemd PostgreSQL 9.3 / 9.4 / 9.5 / 9.6 / 10   从节点 CentOS/RHEL 7, 或 Debian 9, x86_64, 使用 systemd 不需要    Step 1: 下载  $cd ~
$wget https://www.janusec.com/download/janusec-latest.tar.gz
$tar zxf ./janusec-latest.tar.gz
 Step 2: 安装 请切换到root用户并运行 install.sh , janusec应用网关将安装在目录： /usr/local/janusec/
 $su
#cd janusec-0.</description>
    </item>
    
    <item>
      <title>Administration</title>
      <link>https://janusec.github.io/documentation/admin/</link>
      <pubDate>Sat, 19 May 2018 10:11:09 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/admin/</guid>
      <description>Web Administration Administration Portal http://janusec_application_gateway_master_node_ip:9080/
For security reasons, use internal IP address is preferred.
You can modify the config file of the master node: /usr/local/janusec/config.json :
 &amp;ldquo;admin_http_listen&amp;rdquo;: &amp;ldquo;10.10.10.10:9080&amp;rdquo;,
&amp;ldquo;admin_https_listen&amp;rdquo;: &amp;ldquo;10.10.10.10:9443&amp;rdquo;,
 Digital Certificate Management see Certificate Management
Application Management see Application Management
Node Management see Node Management
WAF Management see WAF Management</description>
    </item>
    
    <item>
      <title>管理</title>
      <link>https://janusec.github.io/cn/admin/</link>
      <pubDate>Sat, 19 May 2018 10:11:09 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/admin/</guid>
      <description>Web化管理 管理入口 第一个管理入口：
http://主节点IP地址:9080/
安全原因，推荐使用内部IP地址IP:Port，可在配置文件（/usr/local/janusec/config.json）中修改。
 &amp;ldquo;admin_http_listen&amp;rdquo;: &amp;ldquo;10.10.10.10:9080&amp;rdquo;,
&amp;ldquo;admin_https_listen&amp;rdquo;: &amp;ldquo;10.10.10.10:9443&amp;rdquo;,
 数字证书管理 参考 证书管理
应用管理 参考 应用管理
节点管理 参考 节点管理
WAF管理 参考 WAF管理</description>
    </item>
    
    <item>
      <title>Certificate Management</title>
      <link>https://janusec.github.io/documentation/certificate-management/</link>
      <pubDate>Sun, 20 May 2018 21:05:08 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/certificate-management/</guid>
      <description>Certificate Management Certificate List Open web administration portal and navigate to Certificate Management.
Add or Edit Certificate Single domain subdomain.yourdomain.com or wildcard *.yourdomain.com certificate are all acceptable. A wildcard certificate is preferred.
For production environment, you should have a legal digital certificate issued by a trusted CA ( such as Let&#39;s Encrypt ) .
For test purpose, when filled in the first field (Common Name or Subject Alternative Name), click Self-Sign Certificate button, it will produce a self-sign certificate for you, and you need export it with browser and add it to the trusted root CA.</description>
    </item>
    
    <item>
      <title>证书管理</title>
      <link>https://janusec.github.io/cn/certificate-management/</link>
      <pubDate>Sun, 20 May 2018 21:05:08 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/certificate-management/</guid>
      <description> 证书管理 证书列表 在Web管理界面，导航到 Certificate Management （证书管理） .
添加或编辑证书 这里可使用单域名证书（subdomain.yourdomain.com）或通配符证书（*.yourdomain.com），推荐使用通配符证书。
生产环境，请使用权威第三方CA颁发的证书。
测试环境，可使用Janusec自签发证书(在Common Name or Subject Alternative Name字段输入通配域名之后，可点击Self-Sign Certificate按钮)，不过自签证书不受信任，需要手工从浏览器导出，并导入到可信根CA颁发机构中。
证书保护  证书私钥，加密存储在数据库中.
不同的部署实例，加密密钥是不同的.
 </description>
    </item>
    
    <item>
      <title>Application Management</title>
      <link>https://janusec.github.io/documentation/application-management/</link>
      <pubDate>Sun, 20 May 2018 21:58:35 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/application-management/</guid>
      <description>Application Management Requirements At least one digital certificate is required if you need https support.
Certificate Management
Add or Edit Application Open web administration portal and navigate to Application Management.
Note:
 Backend or Internal Scheme, default http and thus no certificates required in your real servers.
 Destination, IP:Port format, port is required even if the port is 80.
 Multiple destinations for backend load balancing.
 Client IP for WAF, default REMOTE_ADDR, Janusec WAF will get IP address from IP package, but if you are using Janusec Application Gateway behind a trustable CDN of third parties, usually the last IP of X-Forwarded-For should be taken, please refer to the documentation of CDN, and select relevant option, for example: the option X_Forwarded_For used for the last IP of X-Forwarded-For within the request header.</description>
    </item>
    
    <item>
      <title>应用管理</title>
      <link>https://janusec.github.io/cn/application-management/</link>
      <pubDate>Sun, 20 May 2018 21:58:35 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/application-management/</guid>
      <description> 应用管理 需求 如果您需要 https 支持，至少需要一个数字证书。
证书管理
添加或编辑应用 打开Web管理门户并导航至Application Management。
注意:
 后端（从网关到真实服务器）通常在内网，默认使用 http ，不需要证书；
 Destination（后端目的地）,使用 IP:Port 格式，其中端口不可省略（即使是80端口）； 多个Destination用于后端负载均衡；
 网关获取用户IP，默认使用REMOTE_ADDR（从IP报文获取）； 当网关的前面还存在可信任的CDN时，REMOTE_ADDR获取的是CDN的地址，可参考CDN厂商的说明文档，通常CDN厂商会将用户IP附加在X-Forwarded-For后面，这时网关可配置成 X_Forwarded_For （网关将使用该字段的最后一个IP地址）；
 Janusec应用网关将会把REMOTE_ADDR获取的IP附加在X-Forwarded-For后面, 因此业务中如需使用用户IP地址，可提取X-Forwarded-For中的最后一个IP地址（网关直接向用户提供服务时），或倒数第二个IP地址（网关前面还存在可信任的CDN时）.
  </description>
    </item>
    
    <item>
      <title>Node Management</title>
      <link>https://janusec.github.io/documentation/node-management/</link>
      <pubDate>Sun, 20 May 2018 22:38:35 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/node-management/</guid>
      <description>Node Management Node Type  Master Node, there must have one and only one Master Node, and a PostgreSQL is required.
 Slave Node, optional, no database required.  Single Node Architecture  One Master Node.
 No DNS Load Balance required.
 For small scale web applications.
  Multiple Nodes Architecture  One Master Node and multiple Slave Nodes Architecture.
 Only the Master Node requires a PostgreSQL database.</description>
    </item>
    
    <item>
      <title>节点管理</title>
      <link>https://janusec.github.io/cn/node-management/</link>
      <pubDate>Sun, 20 May 2018 22:38:35 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/node-management/</guid>
      <description>节点管理 节点类型  主节点, 有且只有一个，并需要使用PostgreSQL.
 从节点，可选，0个或多个，不需要数据库。
  单节点架构  一个主节点，没有从节点.
 不需要GSLB或DNS负载均衡.
 适用于一个或多个小型Web应用.
  多节点架构  一个主节点，多个从节点.
 主节点需要使用PostgreSQL. 需要GSLB或DNS负载均衡（不同地区的用户查询同一个域名，获取到不同的IP地址）.
 适用于一个或多个大型Web业务.
  从节点  在统一的Web管理界面,可管理所有的从节点.
 从节点配置文件/usr/local/janusec/config.json中的node_key，需要据此配置.</description>
    </item>
    
    <item>
      <title>WAF Management</title>
      <link>https://janusec.github.io/documentation/waf-management/</link>
      <pubDate>Mon, 21 May 2018 21:27:20 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/waf-management/</guid>
      <description>WAF Management Add or Edit WAF Policy Typical Check Points  Example: http://www.yourdomain.com/blog/show.php?id=1&amp;amp;category=2
 URLPath: /blog/show.php
URLQuery: id=1&amp;amp;category=2
GetPostKey: [id, category]
GetPostValue: [1, 2]
 GetPostKey, GetPostValue used for both GET and POST method
If you want to check url values only ( GET Only ), please select URLQuery .
 Regular Expression Janusec Application Gateway adopts Google RE2 Regular Expression . In order to simplify configuration, Janusec Application Gateway will preprocess the values to be detected.</description>
    </item>
    
    <item>
      <title>WAF管理</title>
      <link>https://janusec.github.io/cn/waf-management/</link>
      <pubDate>Mon, 21 May 2018 21:27:20 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/waf-management/</guid>
      <description>WAF管理 添加或编辑WAF策略 典型的检查点  举例: http://www.yourdomain.com/blog/show.php?id=1&amp;amp;category=2
 URLPath: /blog/show.php
URLQuery: id=1&amp;amp;category=2
GetPostKey: [id, category]
GetPostValue: [1, 2]
 GetPostKey, GetPostValue ： 同时作用于GET和POST方法
如果仅检查GET方法，请使用 URLQuery .
 正则表达式 Janusec应用网关采用 Google RE2 正则表达式 .
为简化正则表达式配置，Janusec应用网关对待检测的字符串值进行了预处理：
 删除 &#39; 及 &amp;quot;
 替换 /**/ 为空格
  正则举例:
 (?i)\s+(and|or)\s+[\w\p{L}]+=[\w\p{L}]+$
 可覆盖如下值:
 1&#39; aNd &#39;1&#39;=&#39;1
abc&#39; oR &amp;quot;abc&amp;quot;=&amp;quot;abc
1&#39;/**/And/**/&#39;a&#39;=&#39;a
 备注:
 p{L} 用于UNICODE字符.
 动作 Block（阻断） CAPTCHA（验证码） 用于CC攻击或高频访问</description>
    </item>
    
    <item>
      <title>Operation Management</title>
      <link>https://janusec.github.io/documentation/operation-management/</link>
      <pubDate>Fri, 25 May 2018 21:04:25 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/operation-management/</guid>
      <description>Operation Management Deployment Architecture    Architecture Master Node Slave Node Description     Single-Node One None small scale applications with unified web management   Scalable One Any large scale applications with unified web management   Multiple Autonomous System Any Any Any Single or Scalable Architectures, maintained by different teams, each autonomous system has an unified web management portal.    Admin Account Web Administration address is one of the following:</description>
    </item>
    
    <item>
      <title>运维管理</title>
      <link>https://janusec.github.io/cn/operation-management/</link>
      <pubDate>Fri, 25 May 2018 21:04:25 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/operation-management/</guid>
      <description>运维管理 部署架构    架构 主节点 从节点 描述     单节点 一个 无 小规模Web应用，统一Web管理   可扩展 一个 任意 大规模Web应用，统一Web管理   多个自治系统 任意 任意 部署多套，每个自治系统内部统一Web管理.    管理账号 统一的Web管理地址包括如下：
 http://your_master_node_ip_address:9080/ (首次使用)
https://your_master_node_domain_name:9443/ (证书配置后可用)
https://your_janusec_admin_domain_name/ (将Web管理应用当作普通应用在应用网关注册，不启用WAF)
    默认用户 默认口令     admin J@nusec123     需要修改口令后才能继续管理功能!
 端口    端口 描述     80 固定的网关HTTP入口，主节点和从节点均开启   443 固定的网关HTTPS入口，主节点和从节点均开启   9080 可修改, HTTP Web 管理入口, 仅主节点开启   9443 可修改, HTTPS Web 管理入口, 仅主节点开启     默认的 9080 及 9443 端口可在配置文件 /usr/local/janusec/config.</description>
    </item>
    
    <item>
      <title>Migrate to Janusec</title>
      <link>https://janusec.github.io/documentation/migrate-to-janusec/</link>
      <pubDate>Wed, 06 Jun 2018 21:56:05 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/migrate-to-janusec/</guid>
      <description>Migrate to Janusec Application Gateway Step 1: Install and Configure Janusec Application Gateway Refer to Installation, install janusec application gateway and configure digital certificate, application.
Step 2: Hosts Test After configuration, modify you local hosts file C:\Windows\System32\drivers\etc\hosts ( not the Gateway) for test.
 the_gateway_ip your_domain_name
 Then, open web browser and navigate to https://your_domain_name.
Step 3: Modify DNS If test OK, modify your DNS setting for production, let domain name point to the gateway, and restore your local hosts.</description>
    </item>
    
    <item>
      <title>迁移到Janusec应用网关</title>
      <link>https://janusec.github.io/cn/migrate-to-janusec/</link>
      <pubDate>Wed, 06 Jun 2018 21:56:05 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/migrate-to-janusec/</guid>
      <description>迁移到Janusec应用网关 步骤 1: 安装并配置Janusec应用网关 参考 安装, 安装Janusec应用网关并配置好证书、Web应用.
步骤 2: 修改Hosts文件测试 修改本地电脑的 C:\Windows\System32\drivers\etc\hosts (不是网关) ，将域名临时指向网关IP，用于测试.
 the_gateway_ip your_domain_name
 然后可打开浏览器测试访问 https://your_domain_name .
步骤 3: 修改DNS 如果测试通过，可修改DNS指向，将正式生产环境的域名指向Janusec应用网关，并删除您本地添加的hosts记录。
步骤 4: 提升安全 ( 可选 ) 后端真实服务器在接入Janusec应用网关之后，没有必要再监听外网地址了，可修改为只监听内网地址（如10.10.10.10:80），不再直接暴露在互联网，降低安全风险。</description>
    </item>
    
    <item>
      <title>Update Janusec</title>
      <link>https://janusec.github.io/documentation/update-janusec/</link>
      <pubDate>Sun, 10 Jun 2018 20:11:45 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/update-janusec/</guid>
      <description>Update to Latest Version Version 0.9.3 upgrade to 0.9.4 Install janusec normally, or do the following before installation.
 drop table nodes;
 and delete the line which include node_id in config.json.
 systemctl restart janusec.service
 Version 0.9.2 upgrade to 0.9.3 PostgreSQL table applications need to be updated.
The installation program will not do this operation, you should execute the following SQL command manually.
 alter table applications add column hsts_enabled boolean default true;</description>
    </item>
    
    <item>
      <title>升级Janusec</title>
      <link>https://janusec.github.io/cn/update-janusec/</link>
      <pubDate>Sun, 10 Jun 2018 20:11:45 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/update-janusec/</guid>
      <description>升级到新版本Janusec应用网关 Version 0.9.3 upgrade to 0.9.4 可正常安装，建议升级前执行如下操作：
 drop table nodes;
 删除配置文件config.json中含有 node_id 的这一行.
 systemctl restart janusec.service
 Version 0.9.2 upgrade to 0.9.3 PostgreSQL 表 applications 需要升级.
安装程序不会自动升级，需要手工执行SQL指令：
 alter table applications add column hsts_enabled boolean default true;
 然后参考 安装 安装Janusec应用网关, 并重启 janusec.service:
 systemctl restart janusec.service
 Version &amp;lt;=0.9.1 upgrade to 0.9.2 PostgreSQL 表 applications 需要升级.
安装程序不会自动升级，需要手工执行SQL指令：
 alter table applications add column ip_method bigint default 1;</description>
    </item>
    
    <item>
      <title>Pricing</title>
      <link>https://janusec.github.io/documentation/pricing/</link>
      <pubDate>Sun, 03 Jun 2018 12:00:30 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/pricing/</guid>
      <description> Pricing for Janusec Application Gateway    Plans Pricing License     Community Free GNU AGPLv3    </description>
    </item>
    
    <item>
      <title>FAQ</title>
      <link>https://janusec.github.io/cn/faq/</link>
      <pubDate>Sat, 12 May 2018 07:45:49 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/faq/</guid>
      <description> FAQ Q: Janusec应用网关与其它WAF的主要区别 ?  A: Janusec应用网关 也可称之为网关式WAF，它为克服传统WAF的缺点（如需部署Agent、HTTPS支持不好、数字证书私钥泄露等）而设计，将 WAF (Web Application Firewall)集成到到Web应用网关中，提升了用户访问、安全防御、维护管理等方面的体验。
 Q: Janusec应用网关是否需要在业务服务器上部署Agent ?  A: 不需要.
 Q: Janusec应用网关是否支持 HTTPS ?  A: 支持,Janusec应用网关天然支持 HTTPS .
 Q: 证书私钥是否安全 ?  A: 证书私钥加密存储在数据库中，仅在内存解密使用. Janusec应用网关不需要使用以文件形式存放的证书，服务器上的明文证书文件可在妥善备份后删除。
 Q: 接入Janusec应用网关后，应用中如何获取用户的IP地址 ?  A: Janusec应用网关将会把通过IP包提取的IP地址（REMOTE_ADDR）附加在X-Forwarded-For后面, 因此业务中如需使用用户IP地址，可提取X-Forwarded-For中的最后一个IP地址（网关直接向用户提供服务时），或倒数第二个IP地址（网关前面还存在可信任的CDN时）.
 Q: 安装遇到问题，该如何排查？  A: 可参考 问题诊断。
 </description>
    </item>
    
    <item>
      <title>FAQ</title>
      <link>https://janusec.github.io/documentation/faq/</link>
      <pubDate>Sat, 12 May 2018 07:45:49 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/faq/</guid>
      <description>FAQ Q: What is the difference between Janusec Application Gateway and WAF ?  A: Janusec Application Gateway includes a WAF (Web Application Firewall), and Janusec eliminates the defects of traditional WAF.
 Q: Does it requires agent installation on business servers ?  A: No agent required.
 Q: Does it support https ?  A: Yes, https is naturally supported.
 Q: Is my private key secure ?</description>
    </item>
    
    <item>
      <title>User Agreement</title>
      <link>https://janusec.github.io/documentation/user-agreement/</link>
      <pubDate>Sun, 20 May 2018 20:38:58 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/user-agreement/</guid>
      <description>User Agreement and Privacy Policy  THE PRODUCT IS PROVIDED &amp;ldquo;AS IS&amp;rdquo;, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE PRODUCT OR THE USE OR OTHER DEALINGS IN THE PRODUCT.</description>
    </item>
    
    <item>
      <title>Diagnose</title>
      <link>https://janusec.github.io/documentation/diagnose/</link>
      <pubDate>Sun, 05 Aug 2018 11:52:52 +0800</pubDate>
      
      <guid>https://janusec.github.io/documentation/diagnose/</guid>
      <description>Diagnose Deployment Operating System Operating System should be x86_64 and one of the following:
 CentOS 7
 RHEL 7
 Debian 9
  Service Management systemd is used for Service Management , check :
 command -v systemctl
 (Expect result: /usr/bin/systemctl)
PostgreSQL Use psql to check PostgreSQL Connection:
 psql -h 127.0.0.1 -U janusec -W janusec
 If not OK, refer to Operation Management , PostgreSQL part.</description>
    </item>
    
    <item>
      <title>问题诊断</title>
      <link>https://janusec.github.io/cn/diagnose/</link>
      <pubDate>Sun, 05 Aug 2018 10:16:34 +0800</pubDate>
      
      <guid>https://janusec.github.io/cn/diagnose/</guid>
      <description>问题诊断 部署 当安装Jausec时遇到问题，可先对照此检查表进行检查。
操作系统 操作系统需要为x86_64架构的如下操作系统之一：
 CentOS 7
 RHEL 7
 Debian 9
  服务管理工具 服务管理工具为systemd，检查方法，在命令行运行：
 command -v systemctl
 （预期结果为：/usr/bin/systemctl）
PostgreSQL 使用psql命令来检查配置是否正常：
 psql -h 127.0.0.1 -U janusec -W janusec
 参数h后面跟IP地址，参数U后面跟数据库用户名，参数W表示接下来需要输入口令，最后是数据库名。
如果登录验证不成功，可参考 运维管理 中的PostgreSQL安装部分。
在PSQL Shell中执行版本检查：
 select version();
 版本要求为9.3以上。
端口  netstat -anp | grep LISTEN | grep &#39;:\(80\|443\|9080\|9443\)\s&#39;
 Janusec网关需要使用80/443/9080/9443这几个端口，如果在与Web服务器同一台主机上安装Janusec且有其它程序占用了这些端口，需要其它程序修改端口。
DNS 如果Janusec网关和后面的Web服务器位于同一台主机，则DNS不需要任何修改。
如果是单独部署的Janusec网关，需要将现有的Web服务接入迁移到Janusec，请先使用hosts方式调试通过，然后再修改DNS指向。
主从节点同步 为了保证主从节点正确同步，需要满足：
 各节点时间正确（误差不超过一分钟）
 从节点node_key跟Web管理控制台中节点管理中显示的node_key一致。
  开发 操作系统 开发者操作系统不限，但建议采用Linux系统。</description>
    </item>
    
  </channel>
</rss>