Updated on 2024-03-14 GMT+08:00

Change History

Released On

Description

2023-10-30

This issue is the sixth official release.

  • Adjusted the document structure.
  • Added the following content:
    • Enabling LTS for WAF Logging
    • Using LTS to Quickly Query and Analyze WAF Access Logs
    • Using LTS to Analyze How WAF Blocks Spring Core RCE Vulnerability in Real Time
    • Using LTS to Configure Block Alarms for WAF Rules
    • Does Cloud WAF Use Fixed IP Addresses for Domain Resolution?
    • Will the CNAME Record Be Changed If the IP Address of the Origin Server Has Been Changed?
    • Do I Need to Add the Domain Name to WAF Again If the Domain Name IP Address Has Been Changed?
    • How Can I Allow Access from .js Files?
  • Modified the following content:
    • Step 2: Configure a Load Balancer for WAF
    • Configuring PCI DSS/3DS Certification Check and Configuring the Minimum TLS Version and Cipher Suite
    • Configuring a CC Attack Protection Rule
    • Enabling Anti-Crawler Protection
    • Dashboard
    • Viewing event logs
    • Dedicated WAF Engine Management
    • Configuring CC Attack Protection
    • Upgrading Dedicated WAF Instances

2023-06-15

This issue is the fifth official release.

  • Modified "Edition Differences": Updated some screenshots.
  • Added some screenshots.

2023-03-30

This issue is the fourth official release.

  • Added "Best Practices."
  • "What Is Web Application Firewall": Added the cloud service principle diagram.
  • Added "Edition Differences."
  • Added "Ports Supported by WAF."
  • Added "Key Operations Recorded by CTS."
  • Added "Personal Data Protection Mechanism."
  • Added the following FAQs:
    • About WAF Protection
    • Can WAF Block Data Packets in multipart/form-data Format?
    • Does a Dedicated WAF Instance Support Cross-VPC Protection?
    • What Are the Differences Between WAF Forwarding and Nginx Forwarding?
    • Does WAF Block Customized POST Requests?
    • Does WAF Have the IPS Module?
    • Is There Any Impact on Origin Servers If I Enable HTTP/2 in WAF?
    • Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?
    • Why Does the Vulnerability Scanning Tool Report Disabled Non-standard Ports for My WAF-Protected Website?
    • How Does WAF Block Requests?
    • Can WAF Block Requests When a Certificate Is Mounted on ELB?
    • Does WAF Affect My Existing Workloads and Server Running?
    • How Do I Configure My Server to Allow Only Requests from WAF?
    • Why Do Cookies Contain the HWWAFSESID or HWWAFSESTIME field?
    • How Do I Configure WAF If a Reverse Proxy Server Is Deployed for My Website?
    • Do I Need to Make Some Changes in WAF If the Security Group for Origin Server (Address) Is Changed?
    • Which Non-Standard Ports Does WAF Support?
    • How Do I Use a Dedicated WAF Instance to Protect Non-Standard Ports That Are Not Supported by the Dedicated Instance?
    • Can WAF Protect Multiple Domain Names That Point to the Same Origin Server?
    • Do I Have to Configure the Same Port as That of the Origin Server When Adding a Domain Name to WAF?
    • What Can I Do If One of Ports on an Origin Server Does Not Require WAF Protection?
    • How Do I Safely Delete a Protected Domain Name?
    • Do I Need to Import the Certificates That Have Been Uploaded to ELB to WAF?
    • How Do I Configure the Client Protocol and Server Protocol?
    • Why Cannot I Select a Client Protocol When Adding a Domain Name?
    • Can I Set the Origin Server Address to a CNAME Record If I Am Using a Cloud WAF?
    • Can I Access a Website Using an IP Address After a Domain Name Is Connected to WAF?
    • Why Is My Domain Name or IP Address Inaccessible?
    • Why Does WAF Block Normal Requests as Invalid Requests?
    • What Is the Connection Timeout Duration of WAF? Can I Manually Set the Timeout Duration?
    • How Do I Solve the Problem of Excessive Redirection Times?
    • Why Does the Website Login Page Continuously Refreshed After a Domain Name Is Connected to WAF?
    • Why Does the Requested Page Respond Slowly After the HTTP Forwarding Policy Is Configured?
    • Why Am I Seeing Error Code 523?
    • FAQs About Protection Rule Configuration

2022-12-28

This issue is the third official release.

  • Added "Dedicated WAF Mode."
  • Added "Metrics."
  • Added "Permissions Management."
  • Adjusted the structure of "FAQs" and added some FAQs.

2022-05-06

This issue is the second official issue.

Modified "Overview": added descriptions about WAF billing mode and service bandwidth.

2021-07-14

This issue is the first official release.