WAF Operation Guide
After you enable the WAF service, you need to connect your website domain name to WAF so that all access requests are forwarded to WAF for protection.
Procedure for Using WAF
Figure 1 shows the procedure. Table 1 describes the procedure.
Operation |
Description |
---|---|
Buy a cloud WAF instance in the yearly/monthly or pay-per-use billing mode or buy dedicated WAF instances billed in the pay-per-use billing mode.
NOTICE:
|
|
Add websites you want to protect to your WAF instance.
NOTE:
|
|
A policy is a combination of rules, such as basic web protection, blacklist, whitelist, and precise protection rules. A policy can be applied to multiple domain names, but only one policy can be used for a domain name. |
|
WAF displays blocked or logged-only attacks on the Events page. You can view and analyze protection logs to adjust your website protection policies or mask false alarms. |
|
Enable this function to receive an alarm notification the instant an attack is detected. You can configure certificate expiration reminders. When a certificate is about to expire, WAF notifies you by the way you configure, such as email or SMS. |
Related Functions
Beyond functions in Procedure for Using WAF, WAF also provides the following functions for you to improve your website security performance.
Function |
Description |
---|---|
You can view protection data of yesterday, today, last 3 days, last 7 days, or last 30 days. |
|
WAF can generate daily, weekly, monthly, or custom reports based on the report templates you have created. Reports will be sent to you in the way and within the time range you configure. |
|
Configuring PCI DSS/3DS Certification Check and Configuring the Minimum TLS Version and Cipher Suite |
TLS v1.0 and the cipher suite 1 are configured by default in WAF for general security. To protect your websites better, set the minimum TLS version to a later version and select a more secure cipher suite. |
If you enable IPv6 protection, WAF assigns an IPv6 address to your domain name. In this manner, your website can be reached using the IPv6 address. |
|
HTTP/2 can be used only for access between the client and WAF on the condition that at least one origin server has HTTPS used for Client Protocol. |
|
|
|
If a large number of 502 Bad Gateway and 504 Gateway Timeout errors are detected, you can enable WAF breakdown protection and connection protection to let WAF suspend your website and protect your origin servers from being crashed. When the 502/504 error requests and pending URL requests reach the thresholds you configure, WAF enables corresponding protection for your website. |
|
WAF allows you to configure traffic identifiers by IP address, session, or user tag to block possibly malicious requests from known attack sources based on IP address, Cookie, or Params. |
|
If a visitor is blocked by WAF, the Default block page of WAF is returned by default. You can also configure Custom or Redirection for the block page to be returned as required. |
|
You can use WAF to add additional header information, for example, $request_id, to associate requests on the entire link. You can follow this topic to let WAF insert additional fields into a header and forward requests to origin servers. Note that the key value of a custom header field cannot be the same as any native Nginx fields. |
|
If you upload a certificate to WAF, you can directly select the certificate when adding a website to WAF. |
|
With IP address groups, you can quickly add IP addresses or IP address ranges to a blacklist or whitelist rule. |
|
This topic describes how to manage your dedicated WAF instances (or engines), including viewing instance information, viewing instance monitoring configurations, upgrading the instance edition, or deleting an instance. |
|
On the Product Details page, you can view information about all your WAF instances, including the edition, domain quotas, and specifications. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot