Create an IIS HTTPS Offloaded and WAF Virtual Service
- Last Updated: June 18, 2025
- 1 minute read
- LoadMaster
- LoadMaster LTSF
- Documentation
The following are the steps involved and the recommended settings to configure the IIS HTTPS Offloaded and WAF Virtual Service:
- In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.
- Type a valid Virtual Address.
- Type 443 as the Port.
- Enter a recognizable Service Name, such as IIS HTTPS Offloaded WAF Virtual Service.
- Click Add this Virtual Service.
- Configure the settings as recommended in the following table:
Section
Option
Value
Comments
Standard Options
Persistence Mode
Source IP Address
Timeout
6 Minutes
Scheduling Method
least connection
Idle Connection Timeout
900
SSL Properties
Enabled
Selected
Cipher Set
Best Practices
Advanced Properties
Add a Port 80 Redirector VS
https://%h%s
Click Add HTTP Redirector. This automatically creates a redirect on port 80.
WAF Options
Enabled
Yes
Default Operation
Block Mode
Audit Mode
Audit Relevant
Enabled Rules
owasp_protocol_violations
owasp_protocol_anomalies
owasp_request_limits
owasp_bad_robots
owasp_generic_attacks
owasp_xss_attacks
owasp_trojans
owasp_common_exceptions
Application Specific
iis_attacks
Real Servers
Real Server Check Method
HTTPS Protocol
Real Servers
URL
/
- Add the Real Servers:
- Expand the Real Servers section.
- Click Add New.
- Enter the address of the relevant Real Server.
- Complete the other fields as required.
- Click Add this Real Server then click OK to the pop-up message.
- Repeat the steps above to add more Real Servers as needed, based on your environment.
Create an IIS HTTPS Offloaded and WAF Redirect Virtual Service
Clicking the Add HTTP Redirector button automatically creates a port 80 redirect Virtual Service. This is optional, but the purpose of this Virtual Service is to redirect any clients who have connected using HTTP to the HTTPS Virtual Service. We also recommend changing the Real Server Check Method and Persistence Mode to None.