Background information

The following topics can help you be familiar with WAF 3.0:

• What is WAF?

• WAF 3.0 editions

• Billing overview

• Website configuration overview

• Protection configuration overview

Step 1: Purchase a WAF 3.0 instance

1. Log on to the WAF 3.0 console. On the Welcome to Web Application Firewall (WAF) page, click Purchase WAF Subscription or Pay-As-You-Go to purchase a subscription or pay-as-you-go WAF 3.0 instance.

2. On the buy page that appears, specify the specifications based on your business requirements and complete the payment.

   • For more information about how to purchase a subscription WAF 3.0 instance, see Purchase a subscription WAF 3.0 instance.

   • For more information about how to purchase a pay-as-you-go WAF 3.0 instance, see Purchase a pay-as-you-go WAF 3.0 instance.

3. After you purchase a WAF instance, click Console to go back to the WAF 3.0 console.

Step 2: Access WAF 3.0

You can select an access mode in which you want to add your web services to WAF 3.0 according to the following figure.

Cloud native mode

CNAME record mode

1. Add a domain name to WAF. For more information, see the "Step 1: Add a domain name" section in the CNAME record mode topic.

2. Check whether the configurations take effect on your on-premises machine. For more information, see Verify domain name settings.

3. If the origin server on which the domain name is deployed uses a third-party firewall, add the WAF back-to-origin IP address to the IP address whitelist of the third-party firewall. This prevents normal requests that are forwarded by WAF from being blocked. For more information, see Allow access from back-to-origin CIDR blocks of WAF.

4. Change the DNS record of the domain name to resolve the domain name to the CNAME or IP address of WAF. For more information, see Change the DNS record of a domain name.

Hybrid cloud mode

If your web services are deployed on third-party clouds and data centers, you can add your web services to WAF in hybrid cloud mode. This way, you can manage and protect the services in a centralized manner. For more information, see Hybrid cloud mode.

Step 3: Configure protection policies

After you add an instance or a domain name to WAF, WAF automatically adds the instance or domain name as a protected object and enables basic protection rules for the protected object. By default, a medium rule group is used and the protection action is set to Block.

• If you do not have special security requirements, you can use the default settings and view the protection details on the Security Reports page. For more information, see Step 4: View security reports.

• If your website is under web attacks, we recommend that you configure protection policies based on the attack details that are displayed on the Overview and Security Reports pages. For more information, see Protection configuration overview.

Step 4: View security reports

On the Security Reports page, view the protection details of the protection policies that you configured and perform operations on the IP addresses from which attacks are initiated.

• When you view the security report of the basic protection rule module, you can enable the false positive ignoring feature to add specific IP addresses to a whitelist to allow requests that are initiated from the IP address.

• When you view the security report of the bot management module, you can click Add to Whitelist or Add to Blacklist to add specific IP addresses to a whitelist or a blacklist.