Help Center/ Web Application Firewall/ User Guide (ME-Abu Dhabi Region) / FAQs/ About WAF/ Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Updated on 2025-05-15 GMT+08:00

View PDF

Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Yes. WAF basic web protection rules can defend against the Apache Struts2 remote code execution vulnerability (CVE-2021-31805).

Follow the procedure below to complete the configuration.

Configuration Procedure

Enable WAF.
Add the website domain name to WAF and connect it to WAF. For details, see Connecting Your Website to WAF (Dedicated Mode).
In the Basic Web Protection configuration area, set Mode to Block. For details, see Configuring Basic Web Protection to Defend Against Common Web Attacks.

Parent Topic: About WAF

Previous topic: How Does WAF Detect SQL Injection, XSS, and PHP Injection Attacks?

Next topic: Why Does the Vulnerability Scanning Tool Report Disabled Non-standard Ports for My WAF-Protected Website?

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot