Web Application Firewall

Kingsoft Cloud Web Application Firewall (WAF) helps you prevent security issues such as web attacks, business access risks, vulnerability exploitation, and webshell intrusions. The protection capabilities of WAF can be triggered within seconds. This protects website servers from malicious intrusions and ensures the security operations of your websites and web business.
Product Updates
Quick Start


Professional Security Service Team

The professional security service team collects cloud risk information in real time, and updates and synchronizes rules against zero-day vulnerabilities within 24 hours.

Multi-dimensional Charts

WAF presents defense data in multiple dimensions, such as web attack defense, CC attack defense, attack types, and attack regions. This helps you access comprehensive information about security risks.

Convenient Cloud-based Protection Configuration

WAF is directly deployed on the cloud. Then, you can immediately use the protection capabilities of WAF without the need to install hardware facilities.

Stable and Fast Service

WAF uses a BGP solution to implement multi-line disaster recovery in China, intelligently selects the optimal route, and responds within milliseconds.

Full Logs

WAF allows you to store and query full logs in real time. This provides controllable and visible business security and facilitates business compliance.

Virtual Patches for Zero-Day Vulnerabilities

The security team of Kingsoft Cloud provides 24/7 monitoring and delivers virtual patches immediately when a vulnerability is detected. You can obtain protection capabilities against emergent and zero-day vulnerabilities without manual operations. This greatly shortens the response time.


Attack Protection Engine

WAF builds in rule sets based on the experience of the security team. The rule sets can be used to defend against common threats that are defined by OWASP, such as SQL injection, XSS attacks, webshell uploads, command injection, and malicious crawlers.

Custom CC Attack Defense

WAF allows you to customize matching rules and identification methods for specific URL paths, and set limits on the access frequency, the blocking duration, and the blocking method. Human-machine identification is supported.

Flexible Access Control

WAF allows you to configure common HTTP fields to implement precise access control. You can also set a blacklist or whitelist and customize risk levels. This helps you block non-compliant access requests such as RFCs and custom requests.


WAF allows you to block access requests from specific regions. You can block access requests from regions outside mainland China with a few clicks.

Log Service

WAF allows you to download attack logs and the content of request fields as needed. This helps you analyze and formulate security protection policies.

Traffic Marking

WAF allows you to add field values to traffic requests, which facilitates the collection of statistics for the backend server and prevents attacks from origin servers.

Product Updates


Initial Release

The initial version of WAF is released.
New Features

WAF 2.0 Released

WAF is optimized and reconstructed to provide a brand-new interactive experience.
Experience Enhancements


SLB_WAF instances allow you to bind or unbind EIPs as needed with a few clicks.
New Features

Cloud WAF Released

The security protection for third-party origin servers is supported.
New Features

Intelligent Semantic Engine Added

Non-standard port forwarding is supported. An intelligent semantic engine is added.
New Features

Cloud WAF Released in CN East 1 (Shanghai)

Cloud WAF is available in the CN East 1 (Shanghai) region.
New Zones/Regions

WAF Available in All Regions in China

WAF is available in all regions in China.
New Zones/Regions

Connect to CMS

WAF is connected to Kingsoft Cloud Monitor Service (CMS). The business status of WAF instances then can be monitored and alarms can be sent in real time.
New Features

Projects Supported

WAF allows you to create projects to manage your WAF instances. You can change the projects to which WAF instances belong.
New Features

IPv6 Addresses Supported

Cloud WAF instances support IPv6 addresses.
New Features

WAF 3.0 Released

The WAF architecture is upgraded and more features are offered to provide better user experience.
New Versions/Specifications



WAF helps you avoid security issues such as web attacks, business access risks, vulnerability exploitation, and webshell intrusions. After you add a DNS record, traffic can be redirected to a WAF protection cluster for scrubbing. Then, only the normal traffic is forwarded to the origin server. The WAF protection capabilities can be triggered within seconds. This prevents website servers from malicious intrusions and ensures the security operations of your websites and web business.



WAF intelligently filters malicious attacks and crawler accesses in scenarios such as high-concurrency flash sales and various marketing activities. This ensures smooth business access and effective implementation of marketing strategies.

Financial Websites

WAF effectively detects abnormal accesses such as web intrusions, credential stuffing attacks, data breaches, and DNS hijacking. This prevents the user information from leakage. WAF also identifies and manages program behaviors of bots and assists financial enterprises in anti-crawler management policies. This prevents the information of financial products from crawling and financial strategies from leakage.

Internet-based Business

WAF prevents business data from intrusion, tampering, and breaches. WAF filters various types of attacks and spam traffic. This facilitates normal and stable operation of Internet-based core business.