yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity

WAF user guide 20251023 version

Browse Source 
Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qinweiwei <qinweiwei@huawei.com>
Co-committed-by: qinweiwei <qinweiwei@huawei.com>
This commit is contained in:
Qin, Weiwei
2026-03-26 07:04:29 +00:00
committed by zuul
parent 5bfde208c6
commit e93b6e9947
12 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
docs/wafd/umn/en-us_image_0000002395335841.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 29 KiB

BIN
docs/wafd/umn/en-us_image_0000002483843449.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 39 KiB

8
docs/wafd/umn/waf_01_0024.html
View File

@ -4,7 +4,7 @@
<div id="body1513909553045"><p id="waf_01_0024__p2413133973517">If you are sure that a protection event is a false alarm (no malicious link or character was detected), you can handle it as a false alarm, add the client IP address to an address group that is allowed by the policy, add the client IP address to a blacklist/whitelist rule, or disable or delete the hit protection rule. Events that have been handled as false alarms will not be displayed in the event list.</p>
<div class="section" id="waf_01_0024__section143147568713"><h4 class="sectiontitle">Scenarios</h4><p id="waf_01_0024__p2853171174710">If legitimate service requests are blocked by WAF, the website may be inaccessible to some visitors. For example, after you connect a web service deployed on ECSs to WAF over its public domain name and enable basic web protection for it, if its normal traffic hits a protection rule, the access requests will be blocked. The web service becomes inaccessible over the domain name or returns errors to visitors, but it is still accessible over server IP addresses. It is more likely that the requests were blocked mistakenly, and the event is a false alarm. In this case, you need to handle the event as a false alarm.</p>
<p id="waf_01_0024__p84857731520">You can handle false alarms in the following ways based on how they were generated:</p>
<ul id="waf_01_0024__ul191503312150"><li id="waf_01_0024__li854749151916">For a protection event triggered by a WAF built-in rule, you can ignore the corresponding WAF protection in the global protection whitelist rule. For details, see <a href="#waf_01_0024__section1078165815512">Handling False Alarms Triggered by Protection Rules</a>.<p id="waf_01_0024__p15522146209">WAF built-in rules include basic web protection rules, and feature-based anti-crawler rules.</p>
<ul id="waf_01_0024__ul191503312150"><li id="waf_01_0024__li854749151916">For a protection event triggered by a WAF built-in rule, you can ignore the corresponding WAF protection in the global protection whitelist rule. For details, see <a href="#waf_01_0024__section1078165815512">Handling False Alarms Triggered by Protection Rules</a>.<p id="waf_01_0024__p15522146209">WAF built-in rules include basic web protection rules and feature-based anti-crawler rules.</p>
</li><li id="waf_01_0024__li6150173141515">For a protection event triggered by a custom rule, you can disable or delete the corresponding protection rule. For details, see <a href="#waf_01_0024__section1078165815512">Handling False Alarms Triggered by Protection Rules</a>.<p id="waf_01_0024__p737285114236">WAF custom rules include <strong id="waf_01_0024__b152946158251044">CC attack protection rules</strong>, <strong id="waf_01_0024__b55477633951044">precise protection rules</strong>, <strong id="waf_01_0024__b37379922651044">blacklist and whitelist rules</strong>, and <strong id="waf_01_0024__b51340893151044">geolocation access control rules</strong> you create.</p>
</li><li id="waf_01_0024__li1960011052514">For a client IP address mistakenly blocked, you can add it to an address group or add it to a blacklist/whitelist rule to allow it. For details, see <a href="#waf_01_0024__section12680141116438">Handling False Positives Based on Client IP Addresses</a>.</li></ul>
</div>
@ -13,9 +13,9 @@
<div class="section" id="waf_01_0024__section16466131062"><h4 class="sectiontitle">Constraints</h4><ul id="waf_01_0024__ul4606132594520"><li id="waf_01_0024__li86062025204511">A protection event can only be handled as a false alarm once.</li><li id="waf_01_0024__li203391821153311">Dedicated WAF instances earlier than June 2022 do not support <strong id="waf_01_0024__b1994114522322">All protection</strong> for <strong id="waf_01_0024__b794165217322">Ignore WAF Protection</strong>. Only <strong id="waf_01_0024__b6941125213220">Basic web protection</strong> can be selected.</li></ul>
</div>
<div class="section" id="waf_01_0024__section1078165815512"><a name="waf_01_0024__section1078165815512"></a><a name="section1078165815512"></a><h4 class="sectiontitle">Handling False Alarms Triggered by Protection Rules</h4><p id="waf_01_0024__p1771195691011">If you are sure that an event is a false alarm generated based on a WAF built-in rule or custom protection rule, you can handle the event as a false alarm.</p>
<ul id="waf_01_0024__ul21071812141111"><li id="waf_01_0024__li191071412141115">WAF built-in rules include <strong id="waf_01_0024__b634494265594">basic web protection</strong> <strong id="waf_01_0024__b1629721787594">rules</strong>, and <strong id="waf_01_0024__b409274125594">feature-based anti-crawler</strong> <strong id="waf_01_0024__b1699937483594">rules</strong>.</li><li id="waf_01_0024__li810714127111">WAF custom rules include <strong id="waf_01_0024__b73841157351044">CC attack protection rules</strong>, <strong id="waf_01_0024__b184026544651044">precise protection rules</strong>, <strong id="waf_01_0024__b2895928851044">blacklist and whitelist rules</strong>, and <strong id="waf_01_0024__b27282211951044">geolocation access control rules</strong> you create.</li></ul>
<ul id="waf_01_0024__ul21071812141111"><li id="waf_01_0024__li191071412141115">WAF built-in rules include <strong id="waf_01_0024__b634494265594">basic web protection</strong> <strong id="waf_01_0024__b1629721787594">rules</strong> and <strong id="waf_01_0024__b409274125594">feature-based anti-crawler</strong> <strong id="waf_01_0024__b1699937483594">rules</strong>.</li><li id="waf_01_0024__li810714127111">WAF custom rules include <strong id="waf_01_0024__b73841157351044">CC attack protection rules</strong>, <strong id="waf_01_0024__b184026544651044">precise protection rules</strong>, <strong id="waf_01_0024__b2895928851044">blacklist and whitelist rules</strong>, and <strong id="waf_01_0024__b27282211951044">geolocation access control rules</strong> you create.</li></ul>
<ol id="waf_01_0024__ol866815019528"><li id="waf_01_0024__li612711519813"><span>Log in to the management console.</span></li><li id="waf_01_0024__li458314281487"><span>Click <span><img id="waf_01_0024__en-us_topic_0000002335595889_image158886314810" src="en-us_image_0000002395174933.png"></span> in the upper left corner and select a region or project.</span></li><li id="waf_01_0024__li159657213511"><span>Click <span><img id="waf_01_0024__en-us_topic_0000002335595889_image172869321316" src="en-us_image_0000002395334641.png"></span> in the upper left corner and choose <strong id="waf_01_0024__en-us_topic_0000002335595889_b1545322105418">Web Application Firewall (Dedicated)</strong> under <strong id="waf_01_0024__en-us_topic_0000002335595889_b12545122195419">Security</strong>.</span></li><li id="waf_01_0024__li86686045213"><span>In the navigation pane on the left, click <strong id="waf_01_0024__en-us_topic_0000002335595889_b133727181559">Events</strong>.</span></li><li id="waf_01_0024__li86691805525"><span>View protection details of a specified domain name, instance, and time range. </span></li><li id="waf_01_0024__li43285317717"><span>Locate the target protection event and choose <span class="menucascade" id="waf_01_0024__menucascade14338536719"><b><span class="uicontrol" id="waf_01_0024__uicontrol10337536712">More</span></b> &gt; <b><span class="uicontrol" id="waf_01_0024__uicontrol143325319710">Handle as False Alarm</span></b></span> in the <span class="parmname" id="waf_01_0024__parmname203318531675"><b>Operation</b></span> column.</span></li><li id="waf_01_0024__li106698095219"><span>In the <span class="parmname" id="waf_01_0024__parmname77139013576"><b>Handle False Alarm</b></span> dialog box, handle the event.</span><p><ul id="waf_01_0024__ul132701121194316"><li id="waf_01_0024__li10270821154317"><strong id="waf_01_0024__b232173115434">Ignore the corresponding WAF protection based on the request features hit the rule.</strong><p id="waf_01_0024__p1889325474">If a protection event is triggered by a rule in <strong id="waf_01_0024__b8925160134820">Basic Web Protection</strong> or <strong id="waf_01_0024__b3925110134819">Feature-based Anti-Crawler</strong>, the associated request features will be displayed in the <strong id="waf_01_0024__b634382110511">Handle False Alarm</strong> dialog box by default. You need to ignore the corresponding WAF protection type and click <span class="parmname" id="waf_01_0024__parmname176491717193318"><b>OK</b></span>. For details about the parameters of the global whitelist rule, see <a href="#waf_01_0024__table15669504522">Table 1</a>.</p>
<div class="fignone" id="waf_01_0024__fig11669160135218"><span class="figcap"><b>Figure 1 </b>Handle False Alarm</span><br><span><img id="waf_01_0024__image2669303521" src="en-us_image_0000002395335841.png" title="Click to enlarge" class="imgResize"></span></div>
<div class="fignone" id="waf_01_0024__fig11669160135218"><span class="figcap"><b>Figure 1 </b>Handle False Alarm</span><br><span><img id="waf_01_0024__image1950613269445" src="en-us_image_0000002483843449.png" title="Click to enlarge" class="imgResize"></span></div>
<div class="tablenoborder"><a name="waf_01_0024__table15669504522"></a><a name="table15669504522"></a><table cellpadding="4" cellspacing="0" summary="" id="waf_01_0024__table15669504522" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameters</caption><thead align="left"><tr id="waf_01_0024__en-us_topic_0110861348_row1423118585235"><th align="left" class="cellrowborder" valign="top" width="22.91229122912291%" id="mcps1.3.5.4.7.2.1.1.4.2.4.1.1"><p id="waf_01_0024__en-us_topic_0110861348_p1537916427241">Parameter</p>
</th>
@ -149,7 +149,7 @@
</tr>
<tr id="waf_01_0024__row187431318162617"><td class="cellrowborder" valign="top" width="23.3%" headers="mcps1.3.6.3.6.2.1.2.1.2.4.2.3.1.1 "><p id="waf_01_0024__p67431518132618">Known Attack Source</p>
</td>
<td class="cellrowborder" valign="top" width="76.7%" headers="mcps1.3.6.3.6.2.1.2.1.2.4.2.3.1.2 "><p id="waf_01_0024__p974318186264">If you select <strong id="waf_01_0024__b135491944161717">Block</strong> for <strong id="waf_01_0024__b135499447176">Protective Action</strong>, you can configure a known attack source rule. Then, WAF blocks the requests matching the configured <strong id="waf_01_0024__b12305942161820">IP</strong>, <strong id="waf_01_0024__b1430554216187">Cookie</strong>, or <strong id="waf_01_0024__b6306124215183">Params</strong> for a period configured by the known attack source rule. For details about know attack source rules, see <a href="waf_01_0271.html">Configuring a Known Attack Source Rule to Block Specific Visitors for a Specified Duration</a>.</p>
<td class="cellrowborder" valign="top" width="76.7%" headers="mcps1.3.6.3.6.2.1.2.1.2.4.2.3.1.2 "><p id="waf_01_0024__p974318186264">If you select <strong id="waf_01_0024__b135491944161717">Block</strong> for <strong id="waf_01_0024__b135499447176">Protective Action</strong>, you can configure a known attack source rule. Then, WAF blocks the requests matching the configured <strong id="waf_01_0024__b12305942161820">IP</strong>, <strong id="waf_01_0024__b1430554216187">Cookie</strong>, or <strong id="waf_01_0024__b6306124215183">Params</strong> for a period configured by the known attack source rule. For details about known attack source rules, see <a href="waf_01_0271.html">Configuring a Known Attack Source Rule to Block Specific Visitors for a Specified Duration</a>.</p>
</td>
</tr>
<tr id="waf_01_0024__row474391882620"><td class="cellrowborder" valign="top" width="23.3%" headers="mcps1.3.6.3.6.2.1.2.1.2.4.2.3.1.1 "><p id="waf_01_0024__p7743161812265">Rule Description</p>

4
docs/wafd/umn/waf_01_0045.html
View File

@ -2,13 +2,13 @@
<h1 class="topictitle1">What Is WAF?</h1>
<div id="body1481717626718"><p id="waf_01_0045__p0823871817">Web Application Firewall (WAF) keeps web services stable and secure. It examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).</p>
<p id="waf_01_0045__p47971824142917">After you enable a WAF instance,you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.</p>
<p id="waf_01_0045__p47971824142917">After you enable a WAF instance, you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.</p>
<div class="section" id="waf_01_0045__section131251948304"><h4 class="sectiontitle">How WAF Works (Dedicated Mode)</h4><p id="waf_01_0045__p448718193019">After applying for WAF, add the website to WAF on the WAF console. After a website is connected to WAF, all website access requests are forwarded to WAF first. WAF detects and filters out malicious attack traffic, and returns normal traffic to the origin server to ensure that the origin server is secure, stable, and available.</p>
<div class="fignone" id="waf_01_0045__fig1660233183315"><span class="figcap"><b>Figure 1 </b>How WAF Works</span><br><span><img id="waf_01_0045__image18336135725015" src="en-us_image_0000002361655880.png" title="Click to enlarge" class="imgResize"></span></div>
<p id="waf_01_0045__p156516019551">The process of forwarding traffic from WAF to origin servers is called back-to-source. WAF uses back-to-source IP addresses to send client requests to the origin server. When a website is connected to WAF, the destination IP addresses to the client are the IP addresses of WAF, so that the origin server IP address is invisible to the client.</p>
<div class="fignone" id="waf_01_0045__fig6622184717495"><span class="figcap"><b>Figure 2 </b>Back-to-source IP address</span><br><span><img id="waf_01_0045__en-us_topic_0167535083_image0938165714177" src="en-us_image_0000002361655616.png"></span></div>
</div>
<div class="section" id="waf_01_0045__section1338043519391"><h4 class="sectiontitle">How WAF Works (ELB Access Mode)</h4><p id="waf_01_0045__p144710465518">If you connect a website to WAFELB access mode, WAF works as follows:</p>
<div class="section" id="waf_01_0045__section1338043519391"><h4 class="sectiontitle">How WAF Works (ELB Access Mode)</h4><p id="waf_01_0045__p144710465518">If you connect a website to WAF ELB access mode, WAF works as follows:</p>
<ul id="waf_01_0045__ul1232796185510"><li id="waf_01_0045__li1248512129555">In this mode, WAF is integrated into the gateway of an ELB load balancer through an SDK module. WAF extracts traffic through the SDK module embedded in the gateway for inspection.</li><li id="waf_01_0045__li998961965518">WAF synchronizes the inspection result to the load balancer, and the load balancer determines whether to forward client requests to the origin server based on the inspection result.</li><li id="waf_01_0045__li732718611551">In this method, WAF does not forward traffic. This reduces compatibility and stability problems.</li></ul>
<div class="fignone" id="waf_01_0045__fig16129112219411"><span class="figcap"><b>Figure 3 </b>How WAF in ELB load balancer access mode works</span><br><span><img id="waf_01_0045__image02811542153617" src="en-us_image_0000002361496104.png" title="Click to enlarge" class="imgResize"></span></div>
</div>

2
docs/wafd/umn/waf_01_0128.html
View File

@ -3,7 +3,7 @@
<h1 class="topictitle1">Can I Access a Website Using an IP Address After a Domain Name Is Connected to WAF?</h1>
<div id="body1571389323409"><p id="waf_01_0128__p8060118">After a domain name is connected to WAF, you can enter the origin server IP address in the address bar of the browser to access the website. However, your origin server IP address is easily exposed. As a result, attackers can bypass WAF and attack your origin server.</p>
<p id="waf_01_0128__p421910144213">Web Application Firewall (WAF) keeps web services stable and secure. It examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).</p>
<p id="waf_01_0128__p15323324134310">After you enable a WAF instance,you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.</p>
<p id="waf_01_0128__p15323324134310">After you enable a WAF instance, you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.</p>
</div>
<div>
<div class="familylinks">

4
docs/wafd/umn/waf_01_0169.html
View File

@ -435,7 +435,7 @@
</table>
</div>
</div>
<div class="section" id="waf_01_0169__section43561042125018"><h4 class="sectiontitle">Impact on the System</h4><ul id="waf_01_0169__ul6895173111519"><li id="waf_01_0169__li8262102115527">If you enable the PCI DSS certification check:<ul id="waf_01_0169__ul1144123635220"><li id="waf_01_0169__li1688802910527">The minimum TLS version and cypher suite are automatically set to <strong id="waf_01_0169__b511912472386">TLS v1.2</strong> and <strong id="waf_01_0169__b4121204720382">EECDH+AESGCM:EDH+AESGCM</strong>, respectively, and cannot be changed.</li><li id="waf_01_0169__li5889329185211">To change the minimum TLS version and cipher suite, disable the check.</li></ul>
<div class="section" id="waf_01_0169__section43561042125018"><h4 class="sectiontitle">Impact on the System</h4><ul id="waf_01_0169__ul6895173111519"><li id="waf_01_0169__li8262102115527">If you enable the PCI DSS certification check:<ul id="waf_01_0169__ul1144123635220"><li id="waf_01_0169__li1688802910527">The minimum TLS version and cipher suite are automatically set to <strong id="waf_01_0169__b511912472386">TLS v1.2</strong> and <strong id="waf_01_0169__b4121204720382">EECDH+AESGCM:EDH+AESGCM</strong>, respectively, and cannot be changed.</li><li id="waf_01_0169__li5889329185211">To change the minimum TLS version and cipher suite, disable the check.</li></ul>
</li><li id="waf_01_0169__li13262521135219">If you enable the PCI 3DS certification check:<ul id="waf_01_0169__ul479815458523"><li id="waf_01_0169__li128961631155119">The minimum TLS version is automatically set to <strong id="waf_01_0169__b165921110286">TLS v1.2</strong> and cannot be changed.</li><li id="waf_01_0169__li1896143155117">The check cannot be disabled.</li></ul>
</li></ul>
</div>
@ -443,7 +443,7 @@
<ul id="waf_01_0169__ul15274197553"><li id="waf_01_0169__li1227417714512">Select <strong id="waf_01_0169__b999842917229">PCI DSS</strong>. In the displayed <strong id="waf_01_0169__b1184213348229">Warning</strong> dialog box, click <strong id="waf_01_0169__b18601738182219">OK</strong> to enable the PCI DSS certification check.<p id="waf_01_0169__p148816924816"></p>
<p id="waf_01_0169__p1571616175914"><span><img id="waf_01_0169__image10571141695917" src="en-us_image_0000002361654928.png"></span></p>
<p id="waf_01_0169__p457141605916"></p>
<div class="notice" id="waf_01_0169__note157101616593"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="waf_01_0169__p8571516185917">If PCI DSS certification check is enabled, the minimum TLS version and cypher suite cannot be changed.</p>
<div class="notice" id="waf_01_0169__note157101616593"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="waf_01_0169__p8571516185917">If PCI DSS certification check is enabled, the minimum TLS version and cipher suite cannot be changed.</p>
</div></div>
</li><li id="waf_01_0169__li11333026381">Select <strong id="waf_01_0169__b113129192320">PCI 3DS</strong>. In the displayed <strong id="waf_01_0169__b925119112311">Warning</strong> dialog box, click <strong id="waf_01_0169__b8260932318">OK</strong> to enable the PCI 3DS certification check.<p id="waf_01_0169__p1362754215546"></p>
<p id="waf_01_0169__p7188173214546"><span><img id="waf_01_0169__image51881132135415" src="en-us_image_0000002361495004.png"></span></p>

4
docs/wafd/umn/waf_01_0172.html
View File

@ -614,7 +614,7 @@
<td class="cellrowborder" valign="top" width="22.470000000000002%" headers="mcps1.3.8.2.1.5.1.3 "><p id="waf_01_0172__p66621431155213">Protective action</p>
</td>
<td class="cellrowborder" valign="top" width="48.49%" headers="mcps1.3.8.2.1.5.1.4 "><p id="waf_01_0172__p1866213135218">WAF defense action.</p>
<ul id="waf_01_0172__ul620664355312"><li id="waf_01_0172__li11206194311537"><span class="parmvalue" id="waf_01_0172__parmvalue11346203810351"><b>block</b></span>: WAF blocks attacks.</li><li id="waf_01_0172__li13206543125319"><strong id="waf_01_0172__b232212418353">log</strong>: WAF only logs detected attacks.</li><li id="waf_01_0172__li12206174325316"><strong id="waf_01_0172__b361620586250">captcha</strong>: Verification code</li></ul>
<ul id="waf_01_0172__ul620664355312"><li id="waf_01_0172__li11206194311537"><span class="parmvalue" id="waf_01_0172__parmvalue11346203810351"><b>block</b></span>: WAF blocks attacks.</li><li id="waf_01_0172__li13206543125319"><strong id="waf_01_0172__b232212418353">log</strong>: WAF only logs detected attacks.</li><li id="waf_01_0172__li12206174325316"><strong id="waf_01_0172__b361620586250">captcha</strong>: A verification code is required.</li></ul>
</td>
</tr>
<tr id="waf_01_0172__row324191613563"><td class="cellrowborder" valign="top" width="17.669999999999998%" headers="mcps1.3.8.2.1.5.1.1 "><p id="waf_01_0172__p624181695619">attack_log.sub_type</p>
@ -624,7 +624,7 @@
<td class="cellrowborder" valign="top" width="22.470000000000002%" headers="mcps1.3.8.2.1.5.1.3 "><p id="waf_01_0172__p163511524568">Crawler types</p>
</td>
<td class="cellrowborder" valign="top" width="48.49%" headers="mcps1.3.8.2.1.5.1.4 "><p id="waf_01_0172__p1071532185713">When <strong id="waf_01_0172__b8417145742819">attack</strong> is set to <strong id="waf_01_0172__b54192482283">robot</strong>, this parameter cannot be left blank.</p>
<ul id="waf_01_0172__ul7228173735712"><li id="waf_01_0172__li722812372577"><strong id="waf_01_0172__b240481342916">script_tool</strong>: Script tools</li><li id="waf_01_0172__li1228537195711"><strong id="waf_01_0172__b81736452291">search_engine</strong>: Search engines</li><li id="waf_01_0172__li92281937195713"><strong id="waf_01_0172__b43871418123020">scanner:</strong> Scanning tools</li><li id="waf_01_0172__li422813715717"><strong id="waf_01_0172__b2545202315310">uncategorized</strong>: Other crawlers</li></ul>
<ul id="waf_01_0172__ul7228173735712"><li id="waf_01_0172__li722812372577"><strong id="waf_01_0172__b240481342916">script_tool</strong>: script tools</li><li id="waf_01_0172__li1228537195711"><strong id="waf_01_0172__b81736452291">search_engine</strong>: search engines</li><li id="waf_01_0172__li92281937195713"><strong id="waf_01_0172__b11178553713">scanner</strong>: scanning tools</li><li id="waf_01_0172__li422813715717"><strong id="waf_01_0172__b2545202315310">uncategorized</strong>: other crawlers</li></ul>
</td>
</tr>
<tr id="waf_01_0172__row1371895021914"><td class="cellrowborder" valign="top" width="17.669999999999998%" headers="mcps1.3.8.2.1.5.1.1 "><p id="waf_01_0172__p435142025">attack_log.rule</p>

4
docs/wafd/umn/waf_01_0199.html
View File

@ -3,7 +3,7 @@
<h1 class="topictitle1">Why Am I Seeing Error Code 523?</h1>
<div id="body1583996233211"><p id="waf_01_0199__p69862004434">If a request goes through WAF over four times, WAF will block the request and return error code 523 to avoid endless loops. If error code 523 is returned for your website requests, check how many WAF instances you are using.</p>
<p id="waf_01_0199__p2295711193316"></p>
<div class="section" id="waf_01_0199__section185296562457"><h4 class="sectiontitle">Cause 1: A website is connected to more than four WAF instances.</h4><p id="waf_01_0199__p846191204612">Error code 523 will return if a website has been connected to different types of WAF instances more than four times.</p>
<div class="section" id="waf_01_0199__section185296562457"><h4 class="sectiontitle">Cause 1: The Website Is connected to More Than Four WAF Instances</h4><p id="waf_01_0199__p846191204612">Error code 523 will return if a website has been connected to different types of WAF instances more than four times.</p>
<p id="waf_01_0199__p1536120148571"><strong id="waf_01_0199__b9127340111417">Solution</strong></p>
<p id="waf_01_0199__p4936121425412">Route website traffic to bypass redundant WAF instances.</p>
<ol id="waf_01_0199__ol13914124135718"><li id="waf_01_0199__li991416242576"><span>Log in to the WAF management console.</span></li><li id="waf_01_0199__li17365175395912"><span>In the navigation pane on the left, choose <strong id="waf_01_0199__b1136319285151">Website Settings</strong>.</span></li><li id="waf_01_0199__li184710423014"><span>Locate the website for which error code 523 is returned, retain one configuration, and delete the website from redundant WAF instances. For details, see <a href="waf_01_0005.html">Deleting a Protected Website from WAF</a>.</span><p><p id="waf_01_0199__p149481361669">To prevent service interruptions due to such deletions, perform the following operations before removing a website from WAF:</p>
@ -27,7 +27,7 @@
}</pre>
</p></li></ol>
</div>
<div class="section" id="waf_01_0199__section10881191489"><h4 class="sectiontitle">Cause 3: Origin Server IP address Was Mistakenly Set to an IP Address of WAF or A Proxy in Front of WAF</h4><p id="waf_01_0199__p652510545493">If the origin server address is mistakenly set to the back-to-source IP address of WAF or an IP address of the proxy in front of WAF, the website requests go to an endless loop and error code 523 is returned.</p>
<div class="section" id="waf_01_0199__section10881191489"><h4 class="sectiontitle">Cause 3: Origin Server IP Address Was Mistakenly Set to an IP Address of WAF or A Proxy in Front of WAF</h4><p id="waf_01_0199__p652510545493">If the origin server address is mistakenly set to the back-to-source IP address of WAF or an IP address of the proxy in front of WAF, the website requests go to an endless loop and error code 523 is returned.</p>
<p id="waf_01_0199__p197801627191411"><strong id="waf_01_0199__b97813712217">Solution</strong></p>
<p id="waf_01_0199__p971103325117">Check the origin server configurations and enter a correct origin server address.</p>
</div>

2
docs/wafd/umn/waf_01_0282.html
View File

@ -2,7 +2,7 @@
<h1 class="topictitle1">Viewing Certificate Information</h1>
<div id="body1605755748968"><p id="waf_01_0282__p118021440544">This topic describes how to view certificate details, including the certificate name, domain name a certificate is used for, and expiration time.</p>
<div class="section" id="waf_01_0282__section12726112995613"><h4 class="sectiontitle">Prerequisites</h4><p id="waf_01_0282__p7603153110567">You have <a href="waf_01_0078.html">uploaded certificates</a> to WAF.</p>
<div class="section" id="waf_01_0282__section12726112995613"><h4 class="sectiontitle">Prerequisites</h4><p id="waf_01_0282__p7603153110567">You have uploaded certificates to WAF. For details, see <a href="waf_01_0078.html">Uploading a Certificate to WAF</a>.</p>
</div>
<div class="section" id="waf_01_0282__section3817437161619"><h4 class="sectiontitle">Checking Certificate Details</h4><ol id="waf_01_0282__ol0570746162010"><li id="waf_01_0282__li612711519813"><span>Log in to the management console.</span></li><li id="waf_01_0282__li458314281487"><span>Click <span><img id="waf_01_0282__en-us_topic_0000002335595889_image158886314810" src="en-us_image_0000002395174933.png"></span> in the upper left corner and select a region or project.</span></li><li id="waf_01_0282__li159657213511"><span>Click <span><img id="waf_01_0282__en-us_topic_0000002335595889_image172869321316" src="en-us_image_0000002395334641.png"></span> in the upper left corner and choose <strong id="waf_01_0282__en-us_topic_0000002335595889_b1545322105418">Web Application Firewall (Dedicated)</strong> under <strong id="waf_01_0282__en-us_topic_0000002335595889_b12545122195419">Security</strong>.</span></li><li id="waf_01_0282__li95009632616"><span>In the navigation pane on the left, choose <strong id="waf_01_0282__en-us_topic_0000002335595889_b18944102575719">Objects</strong> &gt; <strong id="waf_01_0282__en-us_topic_0000002335595889_b19944192512577">Certificates</strong>.</span></li><li id="waf_01_0282__li11842132512222"><span>View the certificate information. For details about related parameters, see <a href="#waf_01_0282__table42671747141413">Table 1</a>.</span><p><div class="fignone" id="waf_01_0282__fig16361191931511"><span class="figcap"><b>Figure 1 </b>Certificate list</span><br><span><img id="waf_01_0282__image189615578391" src="en-us_image_0000002395336049.png" title="Click to enlarge" class="imgResize"></span></div>
<div class="p" id="waf_01_0282__p6108549101418">

2
docs/wafd/umn/waf_01_0287.html
View File

@ -77,7 +77,7 @@
</p></li><li id="waf_01_0287__li15338132783010"><span>Click <strong id="waf_01_0287__b973884555">OK</strong>.</span><p><p id="waf_01_0287__p9338142763015">You can view the added websites in the protected website list.</p>
</p></li></ol>
</div>
<div class="section" id="waf_01_0287__section1239501211217"><h4 class="sectiontitle">Follow-up Operations</h4><ul id="waf_01_0287__ul1713218251629"><li id="waf_01_0287__li101322250213">The initial <span class="parmname" id="waf_01_0287__parmname68671569411"><b>Access Status</b></span> of a website is <span class="parmname" id="waf_01_0287__parmname10746721759"><b>Unaccessed</b></span>. When a request reachesthe WAF instance configured for the website, the access status automaticallychanges to <span class="parmname" id="waf_01_0287__parmname95781891256"><b>Accessed</b></span>.</li><li id="waf_01_0287__li93148262210"><a href="waf_01_3274.html">Complete Recommended Configurations</a></li><li id="waf_01_0287__li172181211142">Adjust the protection policy configured for the protected domain name basedon protection requirements. For details, see <a href="waf_01_0129.html">Protection ConfigurationOverview</a>.</li></ul>
<div class="section" id="waf_01_0287__section1239501211217"><h4 class="sectiontitle">Follow-up Operations</h4><ul id="waf_01_0287__ul1713218251629"><li id="waf_01_0287__li101322250213">The initial <span class="parmname" id="waf_01_0287__parmname68671569411"><b>Access Status</b></span> of a website is <span class="parmname" id="waf_01_0287__parmname10746721759"><b>Unaccessed</b></span>. When a request reaches the WAF instance configured for the website, the access status automatically changes to <span class="parmname" id="waf_01_0287__parmname95781891256"><b>Accessed</b></span>.</li><li id="waf_01_0287__li93148262210"><a href="waf_01_3274.html">Complete Recommended Configurations</a></li><li id="waf_01_0287__li172181211142">Adjust the protection policy configured for the protected domain name based on protection requirements. For details, see <a href="waf_01_0129.html">Protection ConfigurationOverview</a>.</li></ul>
</div>
</div>
<div>

2
docs/wafd/umn/waf_01_0311.html
View File

@ -10,7 +10,7 @@
</div>
<div class="section" id="waf_01_0311__section1327018172114"><h4 class="sectiontitle">Handling Suggestions</h4><p id="waf_01_0311__p16367195217354">Disable the JavaScript anti-crawler protection by performing the following steps:</p>
<ol id="waf_01_0311__ol2233133483013"><li id="waf_01_0311__li612711519813"><span>Log in to the management console.</span></li><li id="waf_01_0311__li458314281487"><span>Click <span><img id="waf_01_0311__en-us_topic_0000002335595889_image158886314810" src="en-us_image_0000002395174933.png"></span> in the upper left corner and select a region or project.</span></li><li id="waf_01_0311__li159657213511"><span>Click <span><img id="waf_01_0311__en-us_topic_0000002335595889_image172869321316" src="en-us_image_0000002395334641.png"></span> in the upper left corner and choose <strong id="waf_01_0311__en-us_topic_0000002335595889_b1545322105418">Web Application Firewall (Dedicated)</strong> under <strong id="waf_01_0311__en-us_topic_0000002335595889_b12545122195419">Security</strong>.</span></li><li id="waf_01_0311__li86686045213"><span>In the navigation pane on the left, click <strong id="waf_01_0311__en-us_topic_0000002335595889_b14305215551">Policies</strong>.</span></li><li id="waf_01_0311__li19626231465"><span>Click the name of the target policy to go to the protection configuration page.</span></li><li id="waf_01_0311__li13157471303"><span>Click the <span class="parmname" id="waf_01_0311__en-us_topic_0110861318_parmname1839753916433"><b>Anti-Crawler</b></span> configuration area and toggle it on or off if needed.</span><p><ul id="waf_01_0311__en-us_topic_0110861318_ul103222180"><li id="waf_01_0311__en-us_topic_0110861318_en-us_topic_0110861309_li16311214181"><span><img id="waf_01_0311__en-us_topic_0110861318_en-us_topic_0110861309_image12518105842612" src="en-us_image_0000002395174901.png"></span>: enabled.</li><li id="waf_01_0311__en-us_topic_0110861318_en-us_topic_0110861309_li245212187"><span><img id="waf_01_0311__en-us_topic_0110861318_en-us_topic_0110861309_image16420271818" src="en-us_image_0000002361494960.png"></span>: disabled.</li></ul>
</p></li><li id="waf_01_0311__li3713161417610"><span>Click the <strong id="waf_01_0311__b32461491168">JavaScript</strong> tab and disable the JavaScript anti-crawler protection..</span></li></ol>
</p></li><li id="waf_01_0311__li3713161417610"><span>Click the <strong id="waf_01_0311__b32461491168">JavaScript</strong> tab and disable the JavaScript anti-crawler protection.</span></li></ol>
</div>
</div>
<div>

2
docs/wafd/umn/waf_01_1172.html
View File

@ -41,7 +41,7 @@
</tr>
<tr id="waf_01_1172__row102281027718"><td class="cellrowborder" valign="top" headers="mcps1.3.4.2.7.2.1.2.5.1.1 "><p id="waf_01_1172__p9228828717">Multiplier for Consecutive Breakdowns</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.4.2.7.2.1.2.5.1.1 "><p id="waf_01_1172__p751823163015">The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns are counted from 0 every time the accumulated breakdown protection duration reaches 3,600s.</p>
<td class="cellrowborder" valign="top" headers="mcps1.3.4.2.7.2.1.2.5.1.1 "><p id="waf_01_1172__p751823163015">The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns is counted from 0 every time the accumulated breakdown protection duration reaches 3,600s.</p>
<div class="p" id="waf_01_1172__p278701463016">For example, assume that <strong id="waf_01_1172__b24031120172218">Initial Downtime (s)</strong> is set to 180s and <strong id="waf_01_1172__b94891555192215">Multiplier for Consecutive Breakdowns</strong> is set to 3.<ul id="waf_01_1172__ul261914232303"><li id="waf_01_1172__li3996543143019">If the breakdown is triggered for the second time, that is, less than 3, the protection duration is 360s (180s x 2).</li><li id="waf_01_1172__li19771113103120">If the breakdown is triggered for the third or fourth time, that is, greater than or equal to 3, the protection duration is 540s (180s x 3).</li><li id="waf_01_1172__li8619122393020">The breakdowns are counted from 0 when the total downtime duration exceeds one hour (3,600s).</li></ul>
</div>
</td>