Updated on 2023-07-26 GMT+08:00

Getting Started

  1. After this solution is deployed, log in to the ECS console and reset the password. For details, see Resetting the Password for Logging In to an ECS on the Management Console.
  2. Use a remote connection tool to log in to the WAF ECS and upload an SSL certificate (public and private key files) to the specified directory: /usr/local/nginx/ssl/. For details, see How Do I Upload Files to My ECS? Run the cd /usr/local/nginx/sbin; ./nginx command to start the Nginx service.

    Figure 1 Uploading an SSL certificate and starting the Nginx service

  3. Configure DNS records. Resolve the website domain name to the EIP obtained in 9. In this way, the website can be accessed over its domain name. For details about DNS resolution, see Configuring Record Sets for a Website.
  4. Use a browser to access the EIP or domain name through HTTP/HTTPS many times to verify that requests are distributed across backend service servers. For example, http://EIP, http://Domain name, https://EIP, https://Domain name, or just the domain name.

    Figure 2 Accessing an EIP mapped to the website private IP address

  5. Enter "https://EIP of the WAF ECS/?param=%22%3E%3Cscript%3Ealert(1);%3C/script%3E" in the browser address box and check whether WAF takes effect.

    Figure 3 Testing WAF