All Products
Search

This Product

    Web Application Firewall:Billing overview

    Document Center

    Web Application Firewall:Billing overview

    Last Updated:Feb 18, 2024

    The pay-as-you-go billing method allows you to pay for resources after you use the resources. You are charged based on your resource usage. Fees are deducted from the balance of your Alibaba Cloud account after bills are generated at the end of each billing cycle. For pay-as-you-go instances, Web Application Firewall (WAF) 3.0 charges you based on security capacity units (SeCUs). You can purchase SeCU resource plans to offset fees and reduce costs. This topic describes the billing rules of pay-as-you-go WAF instances.

    Procedure

    按量付费流程

    Scenarios

    The pay-as-you-go billing method is suitable for scenarios that have the following characteristics:

    • The resource usage fluctuates.

    • Your business requires resources for a short period of time.

    SeCU

    For pay-as-you-go instances, WAF 3.0 charges you based on SeCUs. This section describes SeCUs.

    • The unit price of a SeCU is USD 0.01.

    • SeCU usage is measured on an hourly basis. For example, SeCU usage is measured from 10:00:00 to 10:59:59.

    • SeCU usage is rounded up to the nearest integer. For example, if only 0.5 SeCUs are used from 10:00:00 to 10:59:59, you are charged 1 SeCU for the time period.

    Billable items

    Formula

    Total fee = Request processing fee + Feature fee

    Note

    Before you can use the major event protection feature, you must pay for the feature. No additional fees are charged during the validity period.

    Billable items原版.jpg

    Note

    If you enable WAF protection for an Application Load Balancer (ALB) instance, you are charged additional fees for the WAF-enabled ALB instance. The fees are included in the bills of the ALB instance. For information about the billing rules of ALB instances, see ALB billing rules.

    Billing cycle

    Fees are calculated on a daily basis (UTC+8). After the fees are calculated, a new billing cycle begins.

    Note

    • The bills for pay-as-you-go WAF instances are generated each day before 06:00. If you want to change the specifications of a pay-as-you-go WAF instance, we recommend that you perform the change after 06:00.

    • If the total amount of your account balance and the vouchers in your Alibaba Cloud account is less than the total amount of the bill, the service sends a notification by text message or email.

    Examples

    Example 1

    Five domain names are added in CNAME record mode, two IP address blacklist rules are created, and no requests are processed in one billable hour.

    The request processing fee for the hour is 0 SeCU. The feature fee is 12 SeCUs, including 8 SeCUs for the domain names that are added in CNAME record mode and 4 SeCUs for two IP address blacklist rules. The total fee is USD 0.12 and is calculated based on the following formula: 0.01 × 12.

    Example 2

    Twelve domain names are added in CNAME record mode, exclusive IP addresses and intelligent load balancing are enabled for two domain names, one scan protection template is created, and 50,001 requests are processed in one billable hour.

    The request processing fee for the hour is 11 SeCUs. The feature fee is 70 SeCUs, which includes 22 SeCUs for the domain names that are added in CNAME record mode, 30 SeCUs for the exclusive IP addresses, 15 SeCUs for the intelligent load balancing feature, and 3 SeCUs for the scan protection template. The total fee is USD 0.81, which is calculated by using the following formula: 0.01 × (11 + 70).

    Example 3

    An ALB instance is added to WAF in cloud native mode, the domain names on the ALB instance are added as protected objects of WAF, and only basic protection rules are configured for the ALB instance.

    The request processing fee is included in the bill of the WAF instance, and the fee for the WAF-enabled ALB instance is included in the bills of the ALB instance.

    Example 4

    Multiple ALB instances are added to WAF in cloud native mode, two custom response templates are created for different protected objects, and 50,001 requests are processed in one billable hour.

    The request processing fee for the hour is 11 SeCUs. The feature fee is 20 SeCUs, which includes 10 SeCUs for each custom response rule. The fee for the WAF-enabled ALB instance is USD 0.035. The total fee is USD 0.345, which is calculated by using the following formula: 0.035 + 0.01 × (11 + 20).

    References

    • Billing
      SeCU resource plans
      Manage bills
      Unsubscription policy
      Overdue payments
    • Other references
      Bot management
      API security
      Major event protection
      Exclusive IP addresses
      Log management overview