Updated on 2023-01-05 GMT+08:00

Enabling WAF Protection

This section describes how to enable WAF protection.

  • The WAF engine does not run on your web server. Therefore, your web server performance will not be affected.
  • After your domain name is connected to WAF, there will be a latency of tens of milliseconds, but might be raised based on the size of the requested page or number of incoming requests.
  • You are billed for queries per second (QPS) or service bandwidth. One HTTP GET request is counted as a query, and the maximum QPS WAF can handle is 10,000. The total volume of normal traffic to a website or domain names protected by WAF is counted as the service bandwidth, and the maximum service bandwidth WAF can handle is 300 Mbit/s.

Prerequisites

  • Login credentials have been obtained.
  • Mode for WAF to protect the domain name is Disabled or Bypassed.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click Service List at the top of the page. Choose Security > Web Application Firewall. In the navigation pane on the left, choose Domains.
  4. In the row containing the desired domain name, click Switch Mode in the Operation column.
  5. In the Switch Mode dialog box, select Enabled and then click OK.