Web Application Firewall conducts multi-dimensional inspection and protection of website business traffic, combines deep machine learning to intelligently identify malicious request characteristics and defend against unknown threats, blocks common attacks such as SQL injection or cross-site scripting, and prevents these attacks from affecting the Web Application availability, security or excessive resource consumption, reducing the risk of data tampering and theft
Preset a rich attack signature library, which can detect dozens of common web attack signatures and easily block various web attacks
Rich built-in policy configuration items can flexibly formulate refined protection rules according to its own business characteristics to meet the needs of professional security operation and maintenance
The leading semantic + regular + AI (artificial intelligence) three-engine architecture can accurately identify various threats and greatly improve the threat detection rate
Distributed deployment in multiple regions, remote disaster recovery is safe and reliable, professional security team monitors 7*24 hours to ensure "zero" business interruption
Normal business request peak: 1000QPS
Return source IP: 3
CC attack protection peak: √
CC attack protection rules: √
Accurate access protection rules: ×
IP black and white list rules: 10
Geographical location ban rules: supported
Support adding pan domain names: √
Non 80, 443 standard port protection: ×
Batch flexible configuration of protection strategies: ×
Common web application attack protection, including XSS attack, SQL injection, upload attack protection, command injection protection, directory traversal, crawler detection, etc.: √
CC attack protection: √
Accurate access protection: ×
IP black and white list settings: √
Support customized IP access control for specified countries and provinces: √
Dynamic anti crawler based on human-machine recognition and data risk control: √
Normal business request peak: 1000QPS
Return source IP: 3
CC attack protection peak: √
CC attack protection rules: √
Accurate access protection rules: ×
IP black and white list rules: 10
Geographical location ban rules: supported
Support adding pan domain names: √
Non 80, 443 standard port protection: ×
Batch flexible configuration of protection strategies: ×
Common web application attack protection, including XSS attack, SQL injection, upload attack protection, command injection protection, directory traversal, crawler detection, etc.: √
CC attack protection: √
Accurate access protection: ×
IP black and white list settings: √
Support customized IP access control for specified countries and provinces: √
Dynamic anti crawler based on human-machine recognition and data risk control: √
Normal business request peak: 2000QPS
Return source IP: 10
CC attack protection peak: 100000QPS
CC attack protection rules: 20
Precision access protection rules: 20
IP black and white list rules: 20
Geographical location ban rules: supported
Support adding pan domain names: √
Non 80, 443 standard port protection: √
Batch flexible configuration of protection strategies: √
Common web application attack protection, including XSS attack, SQL injection, upload attack protection, command injection protection, directory traversal, crawler detection, etc.: √
CC attack protection: √
Accurate access protection: √
IP black and white list settings: √
Support customized IP access control for specified countries and provinces: √
Dynamic anti crawler based on human-machine recognition and data risk control: √
Return source IP: 10
CC attack protection peak: 100000QPS
CC attack protection rules: 20
Precision access protection rules: 20
IP black and white list rules: 20
Geographical location ban rules: supported
Support adding pan domain names: √
Non 80, 443 standard port protection: √
Batch flexible configuration of protection strategies: √
Common web application attack protection, including XSS attack, SQL injection, upload attack protection, command injection protection, directory traversal, crawler detection, etc.: √
CC attack protection: √
Accurate access protection: √
IP black and white list settings √
Support customized IP access control for specified countries and provinces: √
Dynamic anti crawler based on human-machine recognition and data risk control: √
After accessing the SDK, it can automatically group and schedule according to the terminal information collected by the SDK, effectively find out and isolate risky devices, and successfully defend against T-level attacks.
Support threat detection and interception such as SQL injection, XSS cross-site scripting, file inclusion, directory traversal, sensitive file access, command/code injection, web page Trojan upload, and third-party vulnerability attacks
Effectively reduce the business impact of CC attacks (HTTP Flood) through interface speed limit and human-machine identification
The content and type of the return page can be customized to meet the needs of business diversification
Create a powerful and precise access control strategy based on a rich combination of fields and logical conditions
Support logical conditions such as include, not include, equal to, not equal to, prefix equal to, prefix not equal to, etc., and set blocking or release strategies
Provide a simple and friendly control interface to view attack information and event logs in real time
Centrally configure policies on the management side, quickly issue them, and quickly take effect
Malicious visitors invade the website database and steal business data or other sensitive information through SQL injection, web page Trojan horse and other attack means。
Semantic analysis + regular expression dual engines are used to accurately detect traffic in multiple dimensions and accurately identify attack traffic
Supports 11 kinds of encoding restoration, which can identify more deformation attacks and reduce the risk of Web Application Firewall being bypassed
When encountering the TCP connection and protocol simulation functions initiated by real bots, the CC attack problem can be completely solved through the encrypted tunnel between the SDK and the game security gateway, and accurate identification can also be achieved through message inspection and other functions without accessing the SDK.
There is no need to wait for the manufacturer to release patches, the WAF professional protection team will immediately issue virtual patches, update defense rules, and achieve protection
Reduce deployment and operation and maintenance costs caused by business upgrades, and avoid risks caused by service interruptions
A large number of malicious CC requests are initiated on the website, occupying core resources for a long time, causing the website business to respond slowly or fail to provide services normally
Flexible speed limit policy can be set according to IP or Cookie to accurately identify CC attacks and ensure stable business operation
Users can configure response actions and return page content according to business needs to meet business customization needs
Attackers use hacking techniques to leave backdoors on website servers or tamper with webpage content, causing economic losses or negative impacts
Detect malicious code injected by malicious attackers on the website server to protect the safety of website visitors
Protect the security of page content, prevent attackers from maliciously tampering with the page, modifying page information or publishing bad information on the webpage, which will affect the brand image of the website
A: The Web Application Firewall supports access by users in computer rooms outside the cloud, and can protect any public network server, including but not limited to Huosan Cloud, other vendors' clouds, and IDC.
Answer: WAF fully supports HTTPS services. Users only need to upload the SSL certificate and private key according to the prompts, and the Web Application Firewall can protect HTTPS business traffic.
Answer: The same account can only be purchased through the annual subscription method. When purchasing by subscription, only one configuration can be selected for the same account. You can upgrade the configuration after purchasing through the subscription method.
Answer: Yes. The web application firewall can directly overlay anti-DDoS high-defense packets for security protection.
Answer: WAF supports domain name or IP protection.
Answer: The firewall makes policies based on IP and ports, and cannot make policies for the application layer. Therefore, the firewall cannot solve threats such as SQL injection, XSS, command code injection, and malicious crawler scanning of web applications.
Answer: Just like antivirus software cannot 100% kill viruses, web application firewalls cannot guarantee protection against all attacks, but deploying web application firewalls can greatly reduce the risk of web sites being attacked, increase the difficulty of hacker attacks, and avoid business Confront security threats head-on.
Answer: Yes, the Web Application Firewall supports exclusive virtual hosts, and you can directly enable the Web Application Firewall for configuration. For shared virtual hosts, since the shared IP is used and the source site is shared by multiple users, it is not recommended to configure the Web Application Firewall separately.
Answer: WAF provides multiple CC security protection modes, and you can choose according to the actual situation.
A: Yes, a WAF domain name configuration supports up to 20 origin site IP addresses.
Contact customer service, as long as there is a business need, you can get an independent server test! Register as a member to provide you with the best cloud practice opportunities
在线咨询:
QQ:3573126960
Mail:kefu@huosanyun.com
在线时间:工作日9:30-18:00
