Protected Port

Description

The service port corresponding to the website you want to protect. For example, if you want to protect http://www.example.com: 8080, select 8080 for Protected Port.

Standard ports
- 80: default port when the client protocol is HTTP
- 443: default port when the client protocol is HTTPS
Non-standard ports
Ports other than ports 80 and 443. For details, see Ports Supported by WAF.

FAQs

Do I Have to Set the Protected Port to the Origin Server Port When Adding a Website to WAF?

No. When you add a domain name to WAF, configure the server port to the port of the protected website. The origin server port is the service port used by WAF to forward your website requests. More details about port configuration are as follows:

If Client Protocol is set to HTTP, WAF protects services on the standard port 80 by default. If Client Protocol is set to HTTPS, WAF protects services on the standard port 443 by default.
To configure a port other than 80 or 443, select a non-standard port from the Protected Port drop-down list.

How Do I Use a Dedicated WAF Instance to Protect Ports Not Supported by Dedicated WAF?

To protect a non-standard port that is not supported by dedicated WAF, configure an ELB load balancer to distribute traffic to any non-standard port that is supported by dedicated WAF.

For example, a client sends requests over HTTP to a dedicated WAF instance, and you want to protect www.example.com:1234. The dedicated instance cannot protect non-standard port 1234. In this case, you can configure a load balancer to distribute traffic to any other non-standard port (for example, port 81) that can be protected by the dedicated instance. In this way, traffic designated to non-standard port 1234 will go to the load balancer and then to WAF.

For details, see Combining WAF and Layer-7 Load Balancers to Protect Services over Any Ports.

Parent Topic: Adding a Protected Object (Dedicated Mode)

Previous topic: Protected Object

Next topic: Server Configuration