- Release Notes and Announcements
- Release Notes
- Product Announcement
- Security Advisory
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)
- Notice for WebLogic Console HTTP RCE Vulnerability
- Notice for Exchange Server Command Execution Vulnerability
- Notice for Yonyou GRP-U8 SQL Injection Vulnerability
- Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)
- Notice for WordPress File Manager Arbitrary Code Execution Vulnerability
- Jenkins Security Advisory for September
- Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
- Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- FAQS
- Service Level Agreement
- WAF Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Release Notes
- Product Announcement
- Security Advisory
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)
- Notice for WebLogic Console HTTP RCE Vulnerability
- Notice for Exchange Server Command Execution Vulnerability
- Notice for Yonyou GRP-U8 SQL Injection Vulnerability
- Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)
- Notice for WordPress File Manager Arbitrary Code Execution Vulnerability
- Jenkins Security Advisory for September
- Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
- Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- FAQS
- Service Level Agreement
- WAF Policy
- Contact Us
- Glossary
Combined Application of WAF and Anti-DDoS Pro
Last updated: 2021-10-08 15:50:46
Scenarios
Web Application Firewall (WAF) is able to defeat CC attacks. WAF can work with Anti-DDoS Pro to provide an all-out protection against non-HTTP requests.
- With DDoS protection capability of hundreds of Gbps, Anti-DDoS Pro can easily deal with DDoS attacks and ensure the availability of your business.
- WAF can block web attacks in real time to ensure the security of your business data and information.
Directions
Step 1. Configure WAF
Log in to the WAF Console and select Instance Management -> Instance List on the left sidebar to enter the instance list.
On the page, select an instance, and click Domain Name Connection to add a domain name.
On the domain name connection page, click Add Domain Name and configure the following parameters as needed:
Domain Name Configuration
- Domain Name: enter the domain name to be protected.
- Web Server Configurations: select a protocol type and port as needed.
- Enable HTTP 2.0: select according to your situation.
- Server Port: select according to your situation.
- Origin Server Address: enter the real IP address of the origin server of the website to be protected, which is the public IP of the origin server.
Other Configurations
Proxy: select "No". If WAF works with Anti-DDoS Advanced, select "Yes".
Enable WebSocket and Load Balancer: select according to your situation.
Note:If the real server has multiple intermediate IPs, choose a load balancing strategy as needed. The round-robin strategy will distribute requests of the source IP across real servers in order, while the IP hash strategy will forward requests of the source IP to the same real server. Round-robin is used by default.
- After the configuration, click Save.
Step 2. Configure Anti-DDoS Pro
Log in to Anti-DDoS Pro Console and select Anti-DDoS Pro > Service Packs on the left sidebar.
Select a region of the target Anti-DDoS Pro instance and click Protected Resource on the right of the instance.
Select "Web Application Firewall" as the resource type, and set the IP address of the WAF instance.
Note:For a CLB WAF instance, select "Load Balancing" as the resource type, and set the public IP address of the instance.
- After you complete the configuration, click OK.
Yes
No
Was this page helpful?