Application Scenarios¶
This section describes the application scenarios of WAF.
Common protection
WAF helps users defend against common web attacks, such as command injection and sensitive file access.
Promotion within online shopping malls
Countless malicious requests may be sent to service interfaces during online promotions. WAF allows configurable rate limiting policies to defend against CC attacks. This prevents services from breaking down due to many concurrent requests, ensuring response to legitimate requests.
Zero-day vulnerabilities
Services cannot recover quickly from impact of zero-day vulnerabilities in third-party web frameworks and plug-ins. WAF updates the preset protection rules immediately to add an additional protection layer to such web frameworks and plug-ins and this layer can react faster than fixing the vulnerabilities.
Web page tampering
Attackers leave backdoors on web servers or tamper with web page content, causing asset loss or other negative impacts. You can use WAF to configure web tamper protection rules to achieve:
Website malicious code detection
Detects malicious codes injected to the web server, helping ensure a safe visit to the site.
Web page tampering prevention
Prevents attackers from tampering with or changing web page content, or publishing indecent content that damages a website's brand image.