Help Center> Web Application Firewall> User Guide> Website Settings> Advanced Settings> Configuring a Timeout for Connections Between WAF and a Website Server
Updated on 2024-04-17 GMT+08:00

Configuring a Timeout for Connections Between WAF and a Website Server

If you want to set a timeout duration for each request between your WAF instance and origin server, enable Timeout Settings and specify WAF-to-Server connection timeout (s), Read timeout (s), and Write timeout (s). This function cannot be disabled once it is enabled.

  • WAF-to-Server Connection Timeout: timeout for WAF and the origin server to establish a TCP connection.
  • Write Timeout: Timeout set for WAF to send a request to the origin server. If the origin server does not receive a request within the specified write timeout, the connection times out.
  • Read Timeout: Timeout set for WAF to read responses from the origin server. If WAF does not receive any response from the origin server within the specified read timeout, the connection times out.

Figure 1 shows the three steps for WAF to forward requests to an origin server.

Figure 1 WAF forwarding requests to origin servers.
  • The timeout for connections from a browser to WAF is 120 seconds. The value varies depending on your browser settings and cannot be changed on the WAF console.
  • The default timeout for connections between WAF and your origin server is 30 seconds. You can customize this timeout. If you are using a dedicated WAF instance or professional or platinum edition cloud WAF instance, you can configure connection timeout, read timeout, and write timeout.
  • For more constraints, see Constraints.

Prerequisites

The website you want to protect has been added to WAF.

Constraints

  • You have selected Cloud - CNAME or Dedicated for protection when adding the website to WAF.
  • In cloud mode, only the professional and platinum editions support custom connection timeouts.
  • The timeout duration for connections between a browser and WAF cannot be modified. Only timeout duration for connections between WAF and your origin server can be modified.
  • This function cannot be disabled once it is enabled.
  • For details about regions where you can configure a connection timeout, see Functions.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner and choose Web Application Firewall under Security & Compliance.
  4. In the navigation pane, choose Website Settings.
  5. In the Domain Name column, click the website domain name to go to the basic information page.
  6. In the Timeout Settings row, click the Status toggle and enable it if needed.
  7. Click , specify WAF-to-Server connection timeout (s), Read timeout (s), and Write timeout (s), and click to save settings.