Updated on 2022-02-22 GMT+08:00

Overview

Web Application Firewall (WAF) keeps web services stable and secure. It examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).

This document describes how to use application programming interfaces (APIs) to perform operations on WAF, such as querying and modifying protected domain names. For details about all supported operations, see API Overview.

Before calling WAF APIs, ensure that you are familiar with WAF concepts. For details, see "Service Overview" in the Web Application Firewall User Guide.