Configuration Example: Adding a Domain Name to WAF
When adding a domain name to WAF, the configurations are slightly different based on the service scenarios.
- Example 1: Protecting Traffic to the Same Standard Port with Different Origin Server IP Addresses Assigned
- Example 2: Protecting Traffic to a Non-Standard Port with Different Origin Server IP Addresses Assigned
- Example 3: Protecting Different Service Ports
- Example 4: Configuring Protocols for Different Access Methods
Example 1: Protecting Traffic to the Same Standard Port with Different Origin Server IP Addresses Assigned
- Select Standard port from the Protected Port drop-down list.
- Select HTTP or HTTPS for Client Protocol. Figure 1 and Figure 2 show standard port configurations when the client protocol is HTTP or HTTPS.
If Client Protocol is set to HTTPS, a certificate is required.
- Your website visitors can access the website without adding a port to the end of the domain name. For example, enter http://www.example.com in the address box of the browser to access the website.
Example 2: Protecting Traffic to a Non-Standard Port with Different Origin Server IP Addresses Assigned
- In the Protected Port drop-down list, select a non-standard port you want to protect.
- Select HTTP or HTTPS for Client Protocol for all server ports. Figure 3 and Figure 4 show the configuration of non-standard HTTP or HTTPS port, respectively.
If Client Protocol is set to HTTPS, a certificate is required.
- Visitors must add the configured non-standard port to the domain name when they access your website. Otherwise, error 404 is returned. If the non-standard port is 8080, enter http://www.example.com:8080 in the address box of the browser.
Example 3: Protecting Different Service Ports
Example 4: Configuring Protocols for Different Access Methods
WAF provides various protocol types. If your website is www.example.com, WAF provides the following four access modes:
- HTTP mode
Figure 7 HTTP mode
This configuration allows web visitors to access http://www.example.com over HTTP only. If they access it over HTTPS, they will receive the 302 Found code and be redirected to http://www.example.com.
- HTTPS method. This configuration allows web visitors to access your website over HTTPS only. If they access it over HTTP, they are redirected to the HTTPS URL.
Figure 8 HTTPS redirection
- If web visitors access your website over HTTPS, the website returns a successful response.
- If web visitors access http://www.example.com over HTTP, they will receive the 302 Found code and are directed to https://www.example.com.
- HTTP/HTTPS forwarding method
Figure 9 HTTP and HTTPS forwarding
- If web visitors access your website over HTTP, the website returns a successful response but no communication between the browser and website is encrypted.
- If web visitors access your website over HTTPS, the website returns a successful response and all communications between the browser and website are encrypted.
- HTTPS offloading by WAF
Figure 10 HTTPS offloading
If web visitors access your website over HTTPS, WAF forwards the requests to your origin server over HTTP.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
