Help Center/ Web Application Firewall/ FAQs/ Protection Rules/ Which Protection Levels Can Be Set for Basic Web Protection?

Updated on 2024-10-25 GMT+08:00

View PDF

Which Protection Levels Can Be Set for Basic Web Protection?

Basic Web Protection has three protection levels. The default protection level is Medium. For details, see Table 1.

**Table 1** Protection levels
Protection Level	Description
Default rule set (loose)	WAF only blocks the requests with obvious attack signatures. If a large number of false alarms are reported, the loose one is recommended.
Default rule set (medium)	This one is selected by default. It meets a majority of web protection requirements.
Default rule set (tight)	At this level, WAF provides the finest granular protection and can intercept attacks with complex bypass features, such as Jolokia cyber attacks, common gateway interface (CGI) vulnerability detection, and Druid SQL injection attacks. To let WAF defend against more attacks but make minimum effect on normal requests, observe your workloads for a period of time first. Then, configure a global protection whitelist rule and select the tight level.

For details about basic web protection, see Configuring Basic Web Protection Rules.

Parent topic: Protection Rules

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.