What Working Modes and Protection Mechanisms Does WAF Have?
After you connect a domain name to your WAF instance, WAF works as a reverse proxy between the client and server. The real IP address of the server is hidden and only the IP address of WAF is visible to web visitors.
- Enabled
- Suspended
- Bypassed
- If a proxy is used for the website that is deployed in Cloud mode before it is connected to WAF, the WAF instance cannot be switched to the Bypassed mode.
- The Bypassed mode is unavailable for websites deployed in Dedicated mode.
For more details, see Switching WAF Working Mode.
Table 1 describes the protection mechanism.
Protection Rule |
Protective Action |
---|---|
Basic web protection rules |
|
CC attack protection rules |
|
Precise protection rules |
|
Blacklist and whitelist rules |
|
Geolocation access control rules |
|
Website anti-crawler protection |
Protective actions for feature-based anti-crawler rules:
|
- Block: WAF blocks and logs detected attacks.
- Log only: WAF only logs detected attacks.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.