Configuration Example - Learn More
Case 1: Blocking Specific Attack Requests
Analysis of a specific type of WordPress pingback attack shows that the User Agent field contains WordPress.
A precise protection rule as shown in the figure can block this type of attack.
Case 2: Blocking Specific URL Requests
If a large number of IP addresses are accessing a specific URL that does not exist, configure the following precise protection rule to block such requests to reduce resource usage on the origin server.
Case 3: Blocking Requests with Empty Fields
You can configure precise protection rules to block requests having null fields.
Case 4: Blocking Specified File Types (ZIP, TAR, and DOCX)
You can configure file types that match the path field to block specific files of certain types. For example, if you want to block .zip files, you can configure a precise protection rule as shown in Figure 5 to block access requests of .zip files.
Case 5: Hotlink Protection
You can configure a protection rule based on the Referer field to enable WAF to block hotlinking from a specific website. If you find out that, for example, requests from "https://abc.blog.com" are stealing images from your site, you can configure a rule to block such requests.
Case 6: Allowing Specific URL Requests from a Specified IP Address
You can configure multiple conditions in the Condition List field. If an access request meets the conditions in the list, WAF will allow the request from a specific IP address to access a specified URL.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
