Blocking Malicious Traffic Through IP Address Blacklist or Whitelist Rules

Process

Preparations

1. Before purchasing WAF, create a Huawei account and subscribe to Huawei Cloud. For details, see Registering a HUAWEI ID and Enabling HUAWEI CLOUD Services and Real-Name Authentication.

   If you have enabled Huawei Cloud services and completed real-name authentication, skip this step.

2. Make sure that your account has sufficient balance, or you may fail to pay to your WAF orders.
3. Make sure your account has WAF permissions assigned. For details, see Creating a User Group and Granting Permissions.

   Table 1 System policies supported by WAF

   Role/Policy Name	Description	Category	Dependencies
   WAF Administrator	Administrator permissions for WAF	System-defined role	Dependent on the Tenant Guest and Server Administrator roles. Tenant Guest: A global role, which must be assigned in the global project. Server Administrator: A project-level role, which must be assigned in the same project.
   WAF FullAccess	All permissions for WAF	System-defined policy	None.
   WAF ReadOnlyAccess	Read-only permissions for WAF.	System-defined policy

Step 1: Buy the Standard Edition Cloud WAF

You can use the load balancer access mode only after you purchase the standard, professional, or platinum edition cloud WAF. The following describes how to buy the standard edition cloud WAF.

1. Log in to Huawei Cloud management console.
2. On the management console page, choose Security & Compliance > Web Application Firewall.
3. In the upper right corner of the page, click Buy WAF. On the purchase page displayed, select a WAF mode.
   • Region: Select the region nearest to your services WAF will protect.
   • Edition: Select Standard.
   • Expansion Package and Required Duration: Retain default settings.
4. Confirm the product details and click Buy Now in the lower right corner of the page.
5. Check the order details and read the WAF Disclaimer. Then, select the box and click Pay Now.
6. On the payment page, select a payment method and pay for your order.

After the purchase is complete, submit a service ticket to enable WAF cloud load balancer access mode.

Step 2: Add a Website to WAF in Load Balancer Access Mode

1. In the navigation pane on the left, choose Website Settings.
2. In the upper left corner of the website list, click Add Website.
3. Select Cloud - Load balancer and click Configure Now.
4. On the Add Domain Name page, set the parameters by referring to Figure 1.
   • ELB (Load Balancer): Select an ELB load balancer. Make sure you have added the server address corresponding to the protected website to the ELB load balancer.
   • ELB Listener: Select All listeners.
   • Domain Name: Enter the domain name or IP address you want to protect. We use www.example.com in this example.
   • Policy: System-generated policy is selected by default.
   Figure 1 Domain name settings
   

5. Click Confirm.

Step 4: Configure an IP Address Blacklist or Whitelist Rule

1. In the navigation pane on the left, choose Policies.
2. Click the name of the target policy to go to the protection configuration page.
3. Choose Blacklist and Whitelist and enable it.
   • : enabled.
   • : disabled.

4. Above the blacklist and whitelist rule list, click Add Rule and configure a rule as shown in Figure 2.
   • IP Address/Range/Group: Select IP address/range. To block multiple IP addresses, select Address group.
   • IP Address/Range: Configure the IP addresses or IP address ranges you want to block.
   • Protective Action: Select Block.
   Figure 2 Blocking a specified ip address
   

5. Click Confirm.

Related Information

For details, see Configuring IP Address Blacklist and Whitelist Rules to Block or Allow Specified IP Addresses.