Enabling WAF Protection

This section describes how to enable WAF protection.

Note

  • The WAF engine does not run on your web server. Therefore, your web server performance will not be affected.

  • After your domain name is connected to WAF, there will be a latency of tens of milliseconds, but might be raised based on the size of the requested page or number of incoming requests.

  • You are billed for queries per second (QPS) or service bandwidth. One HTTP GET request is counted as a query, and the maximum QPS WAF can handle is 10,000. The total volume of normal traffic to a website or domain names protected by WAF is counted as the service bandwidth, and the maximum service bandwidth WAF can handle is 300 Mbit/s.

Prerequisites

  • Login credentials have been obtained.

  • Mode for WAF to protect the domain name is Disabled or Bypassed.

Procedure

  1. Log in to the management console.

  2. Click image1 in the upper left corner of the management console and select a region or project.

  3. Choose Security > Web Application Firewall. In the navigation pane on the left, choose Domains. Figure 1 shows an example.

    **Figure 1** Domains page

    Figure 1 Domains page

    Note

    In the upper part of the domain name list, click Quota details to view the domain name quota.

  4. In the Operation column of the target domain name, click Switch Mode.

  5. In the Switch Mode dialog box, select Enabled and then click OK.