This section describes the application scenarios of WAF.
WAF helps users defend against common web attacks, such as command injection and sensitive file access.
Countless malicious requests may be sent to service interfaces during online promotions. WAF allows configurable rate limiting policies to defend against CC attacks. This prevents services from breaking down due to many concurrent requests, ensuring response to legitimate requests.
Services cannot recover quickly from impact of zero-day vulnerabilities in third-party web frameworks and plug-ins. WAF updates the preset protection rules immediately to add an additional protection layer to such web frameworks and plug-ins and this layer can react faster than fixing the vulnerabilities.
Attackers leave backdoors on web servers or tamper with webpage content, causing asset loss or other negative impacts. You can use WAF to configure web tamper protection rules to achieve:
Detects malicious codes injected to the web server, helping ensure a safe visit to the site.
Prevents attackers from tampering with or changing webpage content, or publishing indecent content that damages a website's brand image.