Feature
API key header enforcement (header name + expected value; blocks if missing/mismatch)
Description
Static API key header validation.
How it works
AegisWAF applies this capability inside the API Shield module. The engine evaluates configuration, applies matching (path/method/tokens/counters/providers), then records evidence into the event log and executes the configured enforcement action when conditions are met.
How to access / Enable or disable
- Access: AegisWAF → API Shield
- Enable/Disable: Use the module toggle/switch on this screen (or the relevant category toggle) to enable/disable.
Recommended setting
Enable only for private/internal APIs; rotate keys and keep the header name unique.