Updated on 2025-07-04 GMT+08:00

Constraints and Limitations

  • Dedicated WAF instances must be updated to version 202309 or later; otherwise, the service may become abnormal.
  • In Cloud Mode - Load balancer, for versions earlier than 202303, All protection cannot be selected for Ignore WAF Protection. Only Basic web protection can be selected.
  • If you select All protection for Ignore WAF Protection, no WAF rules take effect, and WAF allows all request traffic to the domain names in the rule.
  • If you select Basic web protection for Ignore WAF Protection, global protection whitelist rules take effect only for events triggered against WAF built-in rules in Basic Web Protection and anti-crawler rules under Feature Library.
    • Basic web protection rules

      Basic web protection defends against common web attacks, such as SQL injection, XSS attacks, remote buffer overflow attacks, file inclusion, Bash vulnerability exploits, remote command execution, directory traversal, sensitive file access, and command and code injections. Basic web protection also detects web shells and evasion attacks.

    • Feature-based anti-crawler protection

      Feature-based anti-crawler identifies and blocks crawler behavior from search engines, scanners, script tools, and other crawlers.

  • It takes several minutes for a new rule to take effect. After the rule takes effect, protection events triggered by the rule will be displayed on the Events page.
  • You can configure global protection whitelist rules by handling events as false alarms. After an event is handled as a false alarm, you can view the global protection whitelist rule generated in the global protection whitelist rule list.