Attack Protection Engine
WAF builds in rule sets based on the experience of the security team. The rule sets can be used to defend against common threats that are defined by OWASP, such as SQL injection, XSS attacks, webshell uploads, command injection, and malicious crawlers.
Custom CC Attack Defense
WAF allows you to customize matching rules and identification methods for specific URL paths, and set limits on the access frequency, the blocking duration, and the blocking method. Human-machine identification is supported.
Flexible Access Control
WAF allows you to configure common HTTP fields to implement precise access control. You can also set a blacklist or whitelist and customize risk levels. This helps you block non-compliant access requests such as RFCs and custom requests.
WAF allows you to block access requests from specific regions. You can block access requests from regions outside mainland China with a few clicks.
WAF allows you to download attack logs and the content of request fields as needed. This helps you analyze and formulate security protection policies.
WAF allows you to add field values to traffic requests, which facilitates the collection of statistics for the backend server and prevents attacks from origin servers.