Best Practices from Oracle Development's A‑Team

Protecting Eloqua Microsites with OCI WAF

Eloqua is part of Oracle Marketing Cloud solution and is used to quickly create and manage web marketing campaigns. One of Eloqua’s features allows customers to quickly launch a dedicated website for a specific campaign; these websites are called microsites. Microsites can either be SSL secured or of basic type which do not require SSL and can be accessed by http://microsite_domain. However, these microsites need to be protected from malicious internet traffic. OCI WAF can be used to protect these microsites. This blog post discusses a solution to protect the basic microsites with WAF.

Microsite Creation

The first step is to create a microsite. The following figure shows an example of a microsite named Test - OCI A Team. The microsite configuration includes a website domain name.

Get hold of the Oracle Eloqua site ID. The site ID will be used for Origin in the WAF policy configuration.

WAF Configuration

The WAF configuration includes defining a WAF policy. Use the microsite website domain as the primary domain in the WAF configuration. Also use the site ID for Origin by constructing the URI as s[site id].hs.eloqua.com. These are shown below. Set up any desired protection and access rules in the WAF.

Complete the configuration by setting up the CNAME record from above in the DNS:

The microsite should be now ready for production use.

Access the Microsite

Open a browser and access the microsite, providing the microsite website domain name.

The request gets routed to the microsite via the WAF. Notice that the request is over http since the microsite is a basic one.


Customers can use Eloqua to launch websites featuring their marketting campaigns. These websites need to be protected from malicious internet traffic. This blog post presented a solution to protect the basic microsites using a WAF. A later blog post will cover a solution to protect secure microsites.



Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha