This topic describes the website protection functions supported by Web Application Firewall (WAF).
|Web Security||Website Whitelisting||The function allows access requests that match specified conditions. These access requests are directed to origin servers, instead of being filtered by WAF website protection policies.||Configure the website whitelist|
| └ Web Intrusion Prevention
Protect against common attacks and provide quick responses to zero-day vulnerabilities to ensure website security.
|RegEx Protection Engine||The function protects your websites against common web attacks based on built-in rule groups. The common web attacks include SQL injection, XSS, webshell upload, command injection, backdoor isolation, invalid file requests, path traversing, and common application attacks.||Configure the RegEx Protection Engine|
|Protection Rule Group||The function allows you to combine protection rules to create a custom rule group
and apply the group to specific websites as needed.
Note You can create a custom rule group for only RegEx Protection Engine.
|Customize protection rule groups|
|Big Data Deep Learning Engine||The function is based on the deep neural network system of Alibaba Cloud. It classifies all web attack data and normal business data in the cloud and then creates a data model. This way, potential attacks can be blocked in real time.||Configure the big data deep learning engine|
|Whitelisting Rules||The function allows access requests that match specified conditions. These access requests are directed to origin servers, instead of being filtered by WAF website protection policies, such as RegEx Protection Engine and Big Data Deep Learning Engine.||Configure the web intrusion prevention whitelist|
| └ Data Security
Prevent the leak and tampering of web page content protected by WAF. It helps you maintain data integrity and confidentiality.
|Website Tamper-proofing||The function helps you lock specific web pages, such as those that contain sensitive information. When a locked web page is requested, the page cached in WAF is returned. This prevents the tampering of the web pages.||Configure tamper-proofing|
|Data Leakage Prevention||The function filters content, such as abnormal pages and keywords, returned from the servers to websites and masks sensitive information, such as identity card numbers, bank card numbers, phone numbers, and sensitive words. WAF then returns masked information or default error pages to visitors.||Configure data leakage prevention|
|Whitelisting Rules||The function allows access requests that match specified conditions. These access requests are directed to origin servers, instead of being filtered by WAF website protection policies, such as website tamper-proofing and data leak prevention.||Configure the data security whitelist|
| └ Advanced protection
Provide advanced web security protection functions.
|Positive Security Model||The model uses Alibaba Cloud machine learning algorithms to automatically study the normal network traffic of a website. It then generates security protection policies tailored for the website based on the collected data.||Configure the positive security model|
Provide security protection policies for crawler access to mitigate the impact of malicious crawlers and automation tools on your website services.
|Allowed Crawlers||The function maintains a whitelist for authorized search engines, such as Google, Bing, Baidu, Sogou, 360, and Yandex. The crawlers of these search engines are allowed to access specified domain names.||Set a threat intelligence rule to allow requests from specific crawlers|
|Bot Threat Intelligence||The function provides information about suspicious IP addresses of dialers, data centers, and malicious scanners based on the powerful computing capabilities of Alibaba Cloud. This function also maintains a dynamic IP library of malicious crawlers and prevents crawlers from accessing your websites or specific directories.||Set a bot threat intelligence rule|
|Data Risk Control||The function protects crucial website services, such as registrations, logons, activities, and forums, against fraud.||Configure data risk control|
|App Protection||The function provides secure connections and anti-bot protection for native applications. This function identifies proxies, emulators, and requests with invalid signatures.||Configure application protection|
Provide custom access control policies and traffic management policies at the application layer. It also ensures the accessibility of the website.
|HTTP Flood Protection||This function helps you defend against HTTP flood attacks and provides protection policies in different modes.||Configure HTTP flood protection|
|IP Blacklist||The function blocks access requests from specified IP addresses and CIDR blocks. It also blocks access requests from IP addresses in specified regions.||Configure the IP blacklist|
|Scan Protection||The function automatically blocks access requests that have specific characteristics. For example, if the source IP address of requests initiates multiple web attacks or targeted directory traversal attacks in a short period of time, WAF automatically blocks the requests. Source IP addresses are also blocked if they are from common scan tools or the Alibaba Cloud library that records malicious IP addresses.||Configure scan protection|
|Custom Protection Policy||The function allows you to customize ACL rules and configure rate limiting based on precise matching conditions.||Create a custom protection policy|
|Whitelisting Rules||The function allows access requests that match specified conditions. These access requests are directed to origin servers, instead of being filtered by WAF website protection policies, such as HTTP flood protection, IP blacklist, scan protection, and custom protection policy.||Configure the access control and throttling whitelist|
|Protection Lab||Account Security||The function allows you to monitor user authentication-related interfaces, such as the interfaces used for registration and logon, and to detect events that may pose a threat to user credentials. These threats include credential stuffing, brute-force attacks, spam registration, weak password sniffing, and SMS interface abuse.||Configure account security|
|API Request Security||The function allows you to upload a custom API rule file to execute only requests that comply with the rules. This protects your website assets from threats such as tampering and replay attacks.||API request security|