What Working Modes and Protection Mechanisms Does WAF Have?

After you connect a domain name to your WAF instance, WAF works as a reverse proxy between the client and server. The real IP address of the server is hidden and only the IP address of WAF is visible to web visitors.

WAF supports the following working modes:

Enabled
Suspended
Bypassed
- If a proxy is used for the website that is deployed in Cloud mode before it is connected to WAF, the WAF instance cannot be switched to the Bypassed mode.
- The Bypassed mode is unavailable for websites deployed in Dedicated mode.

Table 1 describes the protection mechanism.

**Table 1** Supported protection mechanism
Protection Rule	Protective Action
Basic web protection rules	Block Log only
CC attack protection rules	Verification code Block Block dynamically Log only
Precise protection rules	Block Allow Log only
Blacklist and whitelist rules	Block Allow Log only
Geolocation access control rules	Block Allow Log only

Parent topic: Others

Previous topic: In Which Situations Will the WAF Policies Fail?

Next topic: What Types of Protection Rules Does WAF Support?

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot