What Objects Does WAF Protect?
Web Application Firewall (WAF) examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).
WAF can protect websites through domain names or IP addresses.
- In cloud CNAME access mode, only website domain names can be added to WAF.
Your origin server IP address configured in WAF must a public IP address. For example, if an Elastic Load Balance (ELB) load balancer from Huawei Cloud is configured for origin servers, a cloud WAF instance can protect origin servers as long as the load balancer has a public IP address bound.
- In dedicated or cloud load balancer access mode, you can add website domain names or IP addresses to WAF.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot