What is a Web application firewall

Cloud Shield Web Application Firewall (WAF) is based on cloud security big data capabilities, used to defend against SQL injection, XSS cross-site scripting, common Web server plug-in vulnerabilities, Trojan upload, unauthorized access to core resources and other OWASP common attacks. And filter massive malicious CC attacks, avoid your website asset data leakage, to ensure the security and availability of the website.

After you purchase a Web application firewall, resolve the domain name to the CNAME address provided by the Web application firewall, and configure the IP address of the source server to enable the Web application firewall. After this function is enabled, all public network traffic passes through the Web application firewall. Malicious attack traffic is detected and filtered by the Web application firewall, and normal traffic is returned to the source IP address, ensuring the security, stability, and availability of the source IP address.

features

The Web Application Firewall (WAF) helps you easily cope with various Web application attacks and ensure Web security and availability of your website.

Core attack and defense + big data ability to drive the cloud WAF of the new era of Web security A Taobao Tmall are using WAF

Defense against common Web application attacks

The following types of attacks are fully protected: SQL injection, XSS cross-site, WebShell upload, command injection, illegal HTTP requests, common Web server vulnerability attacks, unauthorized access to core files, and path traversal. Provides door isolation protection and scan protection. Malicious CC attack defense

Controls the access frequency of a single source IP address, supports redirection verification, and man-machine identification. According to the statistical response code and URL request distribution, abnormal Referer and user-Agent feature recognition, combined with precise website access control, comprehensive protection is carried out against massive slow request attacks. Make full use of ali Cloud’s big data security advantages, establish threat intelligence and trusted access analysis model, and quickly identify malicious traffic. Precise access control

Provides a friendly configuration console interface, supports the combination of CONDITIONS of COMMON HTTP fields such as IP, URL, Referer, and user-Agent, creates a powerful and accurate access control policy, and supports prevention scenarios such as chain theft and website background protection. With common Web attack defense, CC defense and other security modules to create a multi-layer comprehensive protection mechanism, easily identify trusted and malicious traffic according to requirements. Powerful Report Analysis

Provides accurate attack details and service analysis reports, enabling you to know the website status in a timely manner.

About Ali Cloud Web application firewall details: Ali Cloud Web application firewall tutorial

Web Application Firewall (WAF) is a security product independently developed by Ali based on more than 10 years of attack and defense experience. It is based on the cloud security big data capability, through the defense of SQL injection, XSS cross-site scripting, common Web server plug-in vulnerability, Trojan upload, unauthorized access to core resources and other OWASP common attacks, filtering massive malicious access, avoid your website asset data leakage, ensure the security and availability of the website.

Official website of Ali Yun University (Official website of Ali Yun University, Innovative Talent Workshop under cloud Ecology)