Creating a Reference Table to Configure Protection Metrics in Batches
This topic describes how to create a reference table to batch configure protection metrics of a single type, such as Path, User Agent, IP, Params, Cookie, Referer, and Header. A reference table can be referenced by CC attack protection rules, anti-crawler protection rules, and precise protection rules.
When you configure a CC attack protection rule, anti-crawler rule, or precise protection rule, if the Logic field in the Trigger list is set to Include any value, Exclude any value, Equal to any value, Not equal to any value, Prefix is any value, Prefix is not any value, Suffix is any value, or Suffix is not any value, you can select an appropriate reference table from the Content drop-down list.
If you have enabled enterprise projects, ensure that you have all operation permissions for the project where your WAF instance locates. Then, you can select the project from the Enterprise Project drop-down list and configure protection policies for the domain names in the project.
Prerequisites
- You have added the website you want to protect to WAF or added a protection policy.
- For cloud CNAME access mode, see Connecting a Website to WAF (Cloud Mode - CNAME Access).
- For cloud load balancer access mode, see Connecting Your Website to WAF (Cloud Mode - Load Balancer Access).
- For dedicated mode, see Connecting Your Website to WAF (Dedicated Mode).
- If you use a dedicated WAF instance, ensure that it has been upgraded to the latest version. For details, see Managing Dedicated WAF Engines.
Constraints
This function is not supported in the standard edition.
Application Scenarios
Reference tables can be used for configuring multiple protection fields in CC attack protection, anti-crawler, and precise protection rules.
Creating a Reference Table
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner and choose Web Application Firewall under Security & Compliance.
- In the navigation pane on the left, choose Policies.
- Click the name of the target policy to go to the protection configuration page.
- Click the CC Attack Protection or Precise Protection configuration area.
- Click Reference Table Management in the upper left corner of the list.
- On the Reference Table Management page, click Add Reference Table.
- In the Add Reference Table dialog box, specify the parameters by referring to Table 1.
Figure 1 Adding a reference table
Table 1 Parameter description Parameter
Description
Example Value
Name
Table name you entered
test
Type
- Path: A URL to be protected, excluding a domain name
- User Agent: A user agent of the scanner to be protected
- IP: An IP address of the visitor to be protected.
NOTICE:
- In cloud mode, only the professional or platinum edition can protect IPv6 addresses.
- You can configure 0.0.0.0/0 and ::/0 IP address ranges to block all IPv4 and IPv6 traffic, respectively.
- Params: A request parameter to be protected
- Cookie: A small piece of data to identify web visitors
- Referer: A user-defined request resource
For example, if the protected path is /admin/xxx and you do not want visitors to be able to access it from www.test.com, set Value to http://www.test.com.
- Header: A user-defined HTTP header
- Request Body: data contained in an HTTP request.
- Response Code: status code returned to the request.
- Response Body: response message body
- Response Header: response header.
Path
Value
Value of the corresponding Type. Wildcards are not allowed.
NOTE:Click Add to add more than one value.
/buy/phone/
Rule Description
Description of the rule.
-
- Click Confirm. You can then view the added reference table in the reference table list.
Related Operations
- To modify a reference table, click Modify in the row containing the reference table.
- To delete a reference table, click Delete in the row containing the reference table.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot