Web Application Firewall
Kingsoft Cloud Web Application Firewall (WAF) helps you prevent security issues such as web attacks, business access risks, vulnerability exploitation, and webshell intrusions. The protection capabilities of WAF can be triggered within seconds. This protects website servers from malicious intrusions and ensures the security operations of your websites and web business.
Benefits
Professional Security Service Team
The professional security service team collects cloud risk information in real time, and updates and synchronizes rules against zero-day vulnerabilities within 24 hours.
Multi-dimensional Charts
WAF presents defense data in multiple dimensions, such as web attack defense, CC attack defense, attack types, and attack regions. This helps you access comprehensive information about security risks.
Convenient Cloud-based Protection Configuration
WAF is directly deployed on the cloud. Then, you can immediately use the protection capabilities of WAF without the need to install hardware facilities.
Stable and Fast Service
WAF uses a BGP solution to implement multi-line disaster recovery in China, intelligently selects the optimal route, and responds within milliseconds.
Full Logs
WAF allows you to store and query full logs in real time. This provides controllable and visible business security and facilitates business compliance.
Virtual Patches for Zero-Day Vulnerabilities
The security team of Kingsoft Cloud provides 24/7 monitoring and delivers virtual patches immediately when a vulnerability is detected. You can obtain protection capabilities against emergent and zero-day vulnerabilities without manual operations. This greatly shortens the response time.
Features
Attack Protection Engine
WAF builds in rule sets based on the experience of the security team. The rule sets can be used to defend against common threats that are defined by OWASP, such as SQL injection, XSS attacks, webshell uploads, command injection, and malicious crawlers.
Custom CC Attack Defense
WAF allows you to customize matching rules and identification methods for specific URL paths, and set limits on the access frequency, the blocking duration, and the blocking method. Human-machine identification is supported.
Flexible Access Control
WAF allows you to configure common HTTP fields to implement precise access control. You can also set a blacklist or whitelist and customize risk levels. This helps you block non-compliant access requests such as RFCs and custom requests.
Geo-blocking
WAF allows you to block access requests from specific regions. You can block access requests from regions outside mainland China with a few clicks.
Log Service
WAF allows you to download attack logs and the content of request fields as needed. This helps you analyze and formulate security protection policies.
Traffic Marking
WAF allows you to add field values to traffic requests, which facilitates the collection of statistics for the backend server and prevents attacks from origin servers.
Product Updates
2
WAF 2.0 Released
WAF is optimized and reconstructed to provide a brand-new interactive experience.
2017-12-19
Experience Enhancements
3
SLB_WAF
SLB_WAF instances allow you to bind or unbind EIPs as needed with a few clicks.
2019-01-16
New Features
4
Cloud WAF Released
The security protection for third-party origin servers is supported.
2019-10-28
New Features
5
Intelligent Semantic Engine Added
Non-standard port forwarding is supported. An intelligent semantic engine is added.
2019-12-23
New Features
6
Cloud WAF Released in CN East 1 (Shanghai)
Cloud WAF is available in the CN East 1 (Shanghai) region.
2020-02-18
New Zones/Regions
7
WAF Available in All Regions in China
WAF is available in all regions in China.
2020-05-15
New Zones/Regions
8
Connect to CMS
WAF is connected to Kingsoft Cloud Monitor Service (CMS). The business status of WAF instances then can be monitored and alarms can be sent in real time.
2020-06-18
New Features
9
Projects Supported
WAF allows you to create projects to manage your WAF instances. You can change the projects to which WAF instances belong.
2020-07-17
New Features
11
WAF 3.0 Released
The WAF architecture is upgraded and more features are offered to provide better user experience.
2021-04-15
New Versions/Specifications
Scenarios
WAF
WAF helps you avoid security issues such as web attacks, business access risks, vulnerability exploitation, and webshell intrusions. After you add a DNS record, traffic can be redirected to a WAF protection cluster for scrubbing. Then, only the normal traffic is forwarded to the origin server. The WAF protection capabilities can be triggered within seconds. This prevents website servers from malicious intrusions and ensures the security operations of your websites and web business.
Business
E-commerce
WAF intelligently filters malicious attacks and crawler accesses in scenarios such as high-concurrency flash sales and various marketing activities. This ensures smooth business access and effective implementation of marketing strategies.
Financial Websites
WAF effectively detects abnormal accesses such as web intrusions, credential stuffing attacks, data breaches, and DNS hijacking. This prevents the user information from leakage. WAF also identifies and manages program behaviors of bots and assists financial enterprises in anti-crawler management policies. This prevents the information of financial products from crawling and financial strategies from leakage.
Internet-based Business
WAF prevents business data from intrusion, tampering, and breaches. WAF filters various types of attacks and spam traffic. This facilitates normal and stable operation of Internet-based core business.
Quick Start
Add a Domain Name
Add domain names
01
Configure CIDR Blocks That Are Allowed
Configure the back-to-origin CIDR blocks the traffic from which is allowed to pass.
02
Verify the Configuration
Verify whether the forwarding configuration takes effect.
03
Add a DNS Record
Add a DNS record at your DNS service provider.
04