Help Center/ Web Application Firewall/ FAQs/ About WAF/ What Objects Does WAF Protect?

Updated on 2024-10-25 GMT+08:00

View PDF

What Objects Does WAF Protect?

Web Application Firewall (WAF) examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).

WAF can protect websites through domain names or IP addresses.

In cloud CNAME access mode, only website domain names can be added to WAF.
Your origin server IP address configured in WAF must a public IP address. For example, if an Elastic Load Balance (ELB) load balancer from Huawei Cloud is configured for origin servers, a cloud WAF instance can protect origin servers as long as the load balancer has a public IP address bound.
In dedicated or cloud load balancer access mode, you can add website domain names or IP addresses to WAF.

Parent topic: About WAF

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot