Help Center/ Web Application Firewall/ FAQs/ Protection Rules/ Which Protection Levels Can Be Set for Basic Web Protection?

Updated on 2024-10-31 GMT+08:00

View PDF

Which Protection Levels Can Be Set for Basic Web Protection?

Basic Web Protection has three protection levels. The default protection level is Medium. For details, see Table 1.

**Table 1** Protection levels
Protection Level	Description
Low	WAF only blocks the requests with obvious attack signatures. If a large number of false alarms are reported, Low is recommended.
Medium	The default level is Medium, which meets a majority of web protection requirements.
High	At this level, WAF provides the finest granular protection and can intercept attacks with complex bypass features, such as Jolokia cyber attacks, common gateway interface (CGI) vulnerability detection, and Druid SQL injection attacks. To let WAF defend against more attacks but make minimum effect on normal requests, observe your workloads for a period of time first. Then, configure a global protection whitelist rule and select High.

For details about basic web protection, see Configuring Basic Web Protection Rules.

Parent topic: Protection Rules

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel