yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity

WAF user guide 20250729 version

Browse Source 
Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qinweiwei <qinweiwei@huawei.com>
Co-committed-by: qinweiwei <qinweiwei@huawei.com>
This commit is contained in:
Qin, Weiwei
2025-09-09 13:02:06 +00:00
committed by zuul
parent 070036121f
commit 6f60ff9f8d
317 changed files with 1437 additions and 1737 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/wafd/umn/waf_01_1172.html
View File

@ -4,10 +4,10 @@
<div id="body0000001285632537"><p id="waf_01_1172__p16383143452210">If a large number of 502 Bad Gateway and 504 Gateway Timeout errors are detected, you can enable WAF breakdown protection and connection protection to let WAF suspend your website and protect your origin servers from being crashed. When the 502/504 error requests and pending URL requests reach the thresholds you configure, WAF enables corresponding protection for your website.</p>
<div class="section" id="waf_01_1172__section7637101713317"><h4 class="sectiontitle">Prerequisites</h4><ul id="waf_01_1172__ul154701511124116"><li id="waf_01_1172__li6470511144118">You have <a href="waf_01_1108.html">added the website to WAF</a>.</li><li id="waf_01_1172__li147031314415">You have upgraded the dedicated WAF instance to the latest version. For details, see <a href="waf_01_0253.html#waf_01_0253__section38005331521">Upgrading a Dedicated WAF Instance</a>.</li></ul>
</div>
<div class="section" id="waf_01_1172__section1760764511313"><h4 class="sectiontitle">Constraints</h4><ul id="waf_01_1172__ul11463529184317"><li id="waf_01_1172__li144633295431">You have selected <strong id="waf_01_1172__b16871175282310">Dedicated mode</strong> for your website deployment.</li><li id="waf_01_1172__li1982465214281">Before enabling <strong id="waf_01_1172__b859324243718">Connection Protection</strong>, make sure <a href="waf_01_0253.html#waf_01_0253__section38005331521">you have updated dedicated WAF instances to the latest version,</a> or your services might be affected.</li></ul>
<div class="section" id="waf_01_1172__section1760764511313"><h4 class="sectiontitle">Constraints</h4><ul id="waf_01_1172__ul11463529184317"><li id="waf_01_1172__li144633295431">You have selected <strong id="waf_01_1172__b16871175282310">Dedicated mode</strong> for your website deployment.</li><li id="waf_01_1172__li1982465214281">Before enabling <strong id="waf_01_1172__b859324243718">Connection Protection</strong>, make sure <a href="waf_01_0253.html#waf_01_0253__section38005331521">you have updated dedicated WAF instances to the latest version</a>, or your services might be affected.</li></ul>
</div>
<div class="section" id="waf_01_1172__section597513113419"><h4 class="sectiontitle">Enabling Connection Protection</h4><ol id="waf_01_1172__ol4159142783419"><li id="waf_01_1172__li249812510151"><span>Log in to the management console.</span></li><li id="waf_01_1172__li276053022213"><span>Click <span><img id="waf_01_1172__waf_01_0021_image9276732172914" src="en-us_image_0000002194533712.jpg"></span> in the upper left corner of the management console and select a region or project.</span></li><li id="waf_01_1172__li67331949128"><span>Click <span><img id="waf_01_1172__waf_01_0021_image074281418325" src="en-us_image_0000002194070596.png"></span> in the upper left corner and choose <strong id="waf_01_1172__waf_01_0021_b1445901473316">Web Application Firewall (Dedicated)</strong> under <strong id="waf_01_1172__waf_01_0021_b2459171493317">Security</strong>.</span></li><li id="waf_01_1172__li132301930131017"><span>In the navigation pane on the left, choose <strong id="waf_01_1172__waf_01_1169_b137707433272">Website Settings</strong>.</span></li><li id="waf_01_1172__li2076984020112"><span>In the <strong id="waf_01_1172__b1822803604617">Domain Name</strong> column, click the website domain name to go to the basic information page.</span></li><li id="waf_01_1172__li887583154114"><span>In the <strong id="waf_01_1172__b64681264259">Connection Protection</strong> area, click the status toggle to enable it.</span><p><div class="fignone" id="waf_01_1172__fig491043320154"><a name="waf_01_1172__fig491043320154"></a><a name="fig491043320154"></a><span class="figcap"><b>Figure 1 </b>Connection Protection</span><br><span><img id="waf_01_1172__image5472122819316" src="en-us_image_0000001556300637.png" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="waf_01_1172__li690417598475"><span>Click <span><img id="waf_01_1172__image15564142774115" src="en-us_image_0000001241765756.png"></span> next to each parameter, edit <strong id="waf_01_1172__b8556379273">Breakdown Protection</strong> and <strong id="waf_01_1172__b11441746182720">Connection Protection</strong> parameters to meet your requirements, and click <span><img id="waf_01_1172__image87145316394" src="en-us_image_0000001241293100.png"></span> to save settings. <a href="#waf_01_1172__table172097131662">Table 1</a> describes these parameters.</span><p>
<div class="section" id="waf_01_1172__section597513113419"><h4 class="sectiontitle">Enabling Connection Protection</h4><ol id="waf_01_1172__ol4159142783419"><li id="waf_01_1172__li612711519813"><span>Log in to the management console.</span></li><li id="waf_01_1172__li458314281487"><span>Click <span><img id="waf_01_1172__en-us_topic_0000002335595889_image158886314810" src="en-us_image_0000002395174933.png"></span> in the upper left corner and select a region or project.</span></li><li id="waf_01_1172__li159657213511"><span>Click <span><img id="waf_01_1172__en-us_topic_0000002335595889_image172869321316" src="en-us_image_0000002395334641.png"></span> in the upper left corner and choose <strong id="waf_01_1172__en-us_topic_0000002335595889_b1545322105418">Web Application Firewall (Dedicated)</strong> under <strong id="waf_01_1172__en-us_topic_0000002335595889_b12545122195419">Security</strong>.</span></li><li id="waf_01_1172__li86686045213"><span>In the navigation pane on the left, click <strong id="waf_01_1172__en-us_topic_0000002335595889_b1461002735513">Website Settings</strong>.</span></li><li id="waf_01_1172__li11933454194617"><span>On the <span class="wintitle" id="waf_01_1172__en-us_topic_0000002335595889_en-us_topic_0000001282097013_en-us_topic_0110861354_wintitle26181631184310"><b>Website Settings</b></span> page, click the target website domain name.</span></li><li id="waf_01_1172__li887583154114"><span>In the <strong id="waf_01_1172__b64681264259">Connection Protection</strong> area, click the status toggle to enable it.</span><p><div class="fignone" id="waf_01_1172__fig491043320154"><a name="waf_01_1172__fig491043320154"></a><a name="fig491043320154"></a><span class="figcap"><b>Figure 1 </b>Connection Protection</span><br><span><img id="waf_01_1172__image5472122819316" src="en-us_image_0000002361496148.png" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="waf_01_1172__li690417598475"><span>Click <span><img id="waf_01_1172__image15564142774115" src="en-us_image_0000002361656060.png"></span> next to each parameter, edit <strong id="waf_01_1172__b8556379273">Breakdown Protection</strong> and <strong id="waf_01_1172__b11441746182720">Connection Protection</strong> parameters to meet your requirements, and click <span><img id="waf_01_1172__image87145316394" src="en-us_image_0000002395176093.png"></span> to save settings. <a href="#waf_01_1172__table172097131662">Table 1</a> describes these parameters.</span><p>
<div class="tablenoborder"><a name="waf_01_1172__table172097131662"></a><a name="table172097131662"></a><table cellpadding="4" cellspacing="0" summary="" id="waf_01_1172__table172097131662" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Connection Protection parameters</caption><thead align="left"><tr id="waf_01_1172__row921013131669"><th align="left" class="cellrowborder" colspan="2" valign="top" id="mcps1.3.4.2.7.2.1.2.5.1.1"><p id="waf_01_1172__p4205101118714">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.4.2.7.2.1.2.5.1.2"><p id="waf_01_1172__p721114131361">Description</p>
@ -68,7 +68,7 @@
</table>
</div>
<div class="note" id="waf_01_1172__note15741431153712"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="waf_01_1172__p56555535317">Use <a href="#waf_01_1172__fig491043320154">Figure 1</a> as an example:</p>
<ul id="waf_01_1172__ul98161581418"><li id="waf_01_1172__li3816181540"><strong id="waf_01_1172__b1051314436193">Breakdown Protection</strong>: When the number of 502/504 errors returned by the protected website exceeds 1,000 and accounts for 90% or more of the total access requests of the website for the first time, the first breakdown protection is triggered. During the first breakdown protection, WAF stops forwarding client requests for 180s (that is, blocks visitors access to the website for 180s). If a second consecutive breakdown protection is triggered, WAF stops forwarding client requests for 360s (180 x 2). If a third or more consecutive breakdowns are triggered, WAF stops forwarding client requests for 540s (180s x 3). The breakdowns are counted from 0 when the total downtime duration exceeds one hour (3,600s).</li><li id="waf_01_1172__li1357510710616"><strong id="waf_01_1172__b5492737452">Connection Protection</strong>: When the number of read URL requests in the waiting queue exceeds 6,000, WAF stops forwarding client requests for 60 seconds and returns the maintenance page of the website to visitors.</li></ul>
<ul id="waf_01_1172__ul98161581418"><li id="waf_01_1172__li3816181540"><strong id="waf_01_1172__b1051314436193">Breakdown Protection</strong>: When the number of 502/504 errors returned by the protected website exceeds 1,000 and accounts for 90% or more of the total access requests of the website for the first time, the first breakdown protection is triggered. During the first breakdown protection, WAF stops forwarding client requests for 180s (that is, blocks visitors access to the website for 180s). If a second consecutive breakdown protection is triggered, WAF stops forwarding client requests for 360s (180 x 2). If a third or more consecutive breakdowns are triggered, WAF stops forwarding client requests for 540s (180s x 3). The breakdowns are counted from 0 when the total downtime duration exceeds one hour (3,600s).</li><li id="waf_01_1172__li1357510710616"><strong id="waf_01_1172__b5492737452">Connection Protection</strong>: When the number of read URL requests in the waiting queue exceeds 6,000, WAF stops forwarding client requests for 60s and returns the maintenance page of the website to visitors.</li></ul>
</div></div>
</p></li></ol>
</div>