Help Center/ Web Application Firewall/ User Guide (Kuala Lumpur Region)/ FAQs/ About WAF/ WAF Functions/ Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?
Updated on 2024-03-14 GMT+08:00

Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Yes. WAF basic web protection rules can defend against the Apache Struts2 remote code execution vulnerability (CVE-2021-31805).

Configuration Procedure

  1. Enable WAF.
  2. Add the website domain name to WAF and connect it to WAF. For details, see Connecting a Website to WAF (Dedicated Mode).
  3. In the Basic Web Protection configuration area, set Mode to Block. For details, see Configuring Basic Protection Rules to Defend Against Common Web Attacks.