Files

qiaoli 46c8216518 WAFD UMN 20241026 version

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qiaoli <qiaoli@huawei.com>
Co-committed-by: qiaoli <qiaoli@huawei.com>

2025-01-15 13:49:59 +00:00

1.6 KiB

Raw Permalink Blame History

Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Yes. WAF basic web protection rules can defend against the Apache Struts2 remote code execution vulnerability (CVE-2021-31805).

Follow the procedure below to complete the configuration.

Configuration Procedure

Apply for a dedicated WAF instance.
Add the website domain name to WAF and connect it to WAF. For details, see Connecting Your Website to WAF (Dedicated Mode) or Connecting Your Website to WAF (ELB Access Mode).
In the Basic Web Protection configuration area, set Mode to Block. For details, see Configuring Basic Web Protection to Defend Against Common Web Attacks.

Parent topic: About WAF

1.6 KiB Raw Permalink Blame History

Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Configuration Procedure

1.6 KiB

Raw Permalink Blame History