Enabling Connection Protection
If a large number of 502 Bad Gateway and 504 Gateway Timeout errors are detected, you can enable WAF breakdown protection and connection protection to let WAF suspend your website and protect your origin servers from being crashed. When the 502/504 error requests and pending URL requests reach the thresholds you configure, WAF enables corresponding protection for your website.
Prerequisites
- The website you want to protect has been added to WAF.
- You have upgraded the dedicated WAF instance to the latest version. For details, see Upgrading a Dedicated WAF Instance.
Constraints
- You have selected Dedicated mode for your website deployment.
- Before enabling Connection Protection, make sure you have updated dedicated WAF instances to the latest version, or your services might be affected.
Procedure
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
in the upper left corner and choose Web Application Firewall (Dedicated) under Security. - In the navigation pane, choose Website Settings.
- In the Domain Name column, click the website domain name to go to the basic information page.
- In the Connection Protection area, click the status toggle to enable it.
- Click
next to each parameter, edit Breakdown Protection and Connection Protection parameters to meet your requirements, and click 
to save settings. Table 1 describes these parameters.
Table 1 Connection Protection parameters Parameter
Description
Example Value
Breakdown Protection
502/504 Error Threshold
30s 502/504 Error Threshold
1000
502/504 Error Percentage (%)
A breakdown is triggered when the 502/504 error threshold and percentage threshold have been reached.
90
Initial Downtime (s)
Protection period upon the first breakdown. During this period, WAF stops forwarding client requests.
180
Multiplier for Consecutive Breakdowns
The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns are counted from 0 every time the accumulated breakdown protection duration reaches 3,600s.
For example, assume that Initial Downtime (s) is set to 180s and Multiplier for Consecutive Breakdowns is set to 3.- If the breakdown is triggered for the second time, that is, less than 3, the protection duration is 360s (180s x 2).
- If the breakdown is triggered for the third or fourth time, that is, equal to or greater than 3, the protection duration is 540s (180s x 3).
- When the accumulated downtime duration exceeds 1 hour (3,600s), the number of breakdowns are counted from 0.
3
Connection Protection
Pending URL Request Threshold
Connection Protection is triggered when the number of read URL requests reaches the threshold you configure.
6,000
Duration (s)
Protection duration. During this period, WAF stops forwarding client requests.
60
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
