Hybrid Cloud Web Application Firewall (WAF) is a hybrid cloud solution and allows you to implement comprehensive security control for your web services that are deployed both in and outside the cloud. This solution is suitable for centralized security control in hybrid cloud environments.

Background information

Alibaba Cloud offers Hybrid Cloud WAF to help protect and manage web applications in various hybrid cloud environments in a centralized manner. The web applications can be deployed across Alibaba Cloud Public Cloud and data centers and across Alibaba Cloud Public Cloud and third-party clouds. In this case, Hybrid Cloud WAF protects your service traffic that cannot be migrated to the cloud. To deliver an elastic and effective system, Hybrid Cloud WAF combines shared and exclusive resources in and outside the cloud. This way, you can protect the web applications in a centralized manner.

Hybrid Cloud WAF introduces and integrates the protection capabilities of Alibaba Cloud WAF to your data centers to protect web services in hybrid clouds. You can use the WAF console in the cloud to manage protection rules, perform security O&M, manage security services, and upgrade systems.

You can deploy Hybrid Cloud WAF in cluster mode or standalone node mode. Hybrid Cloud WAF serves as a reverse proxy to inspect all access requests and forward requests to backend servers for load balancing. Hybrid Cloud WAF in cluster mode offers the following benefits: multi-node redundancy, scalability, high performance of WAF, and high service availability.


Hybrid Cloud WAF consists of the network, detection, monitoring, and logging modules, and supports web protection, bot management, real-time logging, and HTTP flood protection. Hybrid Cloud WAF offers the following core benefits:
  • Provides a centralized console to perform security O&M and management operations. This reduces O&M costs.
  • Synchronizes protection rules and threat intelligence from Alibaba Cloud WAF in real time. This improves the protection of your services.
  • Obtains the threat intelligence of Alibaba Cloud and uses the security operations capabilities of Alibaba Cloud. This helps accurately identify and block threats.
  • Supports online elastic scale-out. This approach is flexible and controllable, and ensures stable performance.

For more information, see Editions and features.


  1. On the Web Application Firewall buy page, purchase a Hybrid Cloud WAF instance. Hybrid Cloud WAF
  2. In the Web Application Firewall console, deploy a protection cluster for Hybrid Cloud WAF. For more information, see Deploy a protection cluster for Hybrid Cloud WAF.
  3. In the Web Application Firewall console, add a website to the protection cluster for Hybrid Cloud WAF and complete the required configurations. For more information, see Add a website.

Consultation about Hybrid Cloud WAF

If you want to consult about Hybrid Cloud WAF, use DingTalk to scan the following QR code and contact Alibaba Cloud technical support. QR code for consultation