Li, Qiao
e227be9021
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Li, Qiao <qiaoli@huawei.com> Co-committed-by: Li, Qiao <qiaoli@huawei.com>
11 KiB
Viewing Basic Information
This topic describes how to view the basic information about a protected website, switch WAF working mode, and delete a domain name of a protected website from WAF.
Prerequisites
A website has been connected to WAF.
Procedure
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
in the upper left corner and choose Web Application Firewall (Dedicated) under Security. - In the navigation pane, choose Website Settings.
- View the protected website lists. For details about parameters, see Table 1.Figure 1 Website list
Table 1 Parameter description Parameter
Description
Domain Name
Domain name or IP address of a website to be protected.
Deployment Mode
How your WAF instance is deployed for your website. Only Dedicated mode is available.
Last 3 Days
Protection status of the domain name over the past three days.
Mode
WAF mode of the protected domain name. Click Switch and select one of the following working modes: Click
and select one of the following working mode:- Enabled: WAF is enabled.
- Suspended: WAF is disabled. If a large number of normal requests are blocked, for example, status code 418 is frequently returned, then you can switch the mode to Suspended. In this mode, your website is not protected because WAF only forwards requests. It does not scan for attacks. This mode is risky. You are advised to use the false alarm masking rules to reduce false alarms.
Policy
The total number of protection policies configured in WAF. You can click a number to go to the rule configuration page.
Access Progress/Status
The progress of connecting your website to WAF or the website access status.
Operation
To remove a protected website from WAF, click Delete.
WARNING:The deletion operation cannot be cancelled. Exercise caution when performing this operation.
- In the Domain Name column, click the domain name of the website to go to the basic information page.
- View the basic information about the domain name of the protected website. Figure 2 shows an example.View the basic information about the protected website.
- Update the certificate: If you select HTTPS for Client Protocol, an SSL certificate is required. To update the certificate, click
next to the certificate name in the Certificate Name row. Then, in the displayed dialog box, upload a new certificate or select an existing certificate. For more details, see Updating a Certificate. - Update the TLS version and TLS cipher suite for accessing the origin server: If you select HTTPS for Client Protocol, you can change TLS version to a more secure one. To do so, click next to the TLS Configuration field. Then, in the displayed dialog box, select the desired TLS version and TLS cipher suite. For more details, see Configuring PCI DSS/3DS Certification Check and TLS Version.
- Modify the field of Proxy Configured: Click . In the displayed dialog box, select Yes if your web server is using a proxy.
- Customize the alarm page: Click . In the displayed dialog box, select Custom or Redirection and complete required configurations. By default, Alarm Page is Default.
- If you want to set a timeout duration for each request, enable Timeout Settings and click
to specify WAF-to-Server Connection Timeout (s), Read Timeout (s), and Write Timeout (s). This function cannot be disabled after being enabled. For details, see Configuring Connection Timeout.
- Update the certificate: If you select HTTPS for Client Protocol, an SSL certificate is required. To update the certificate, click
