If your host is protected by WAF, you must add the CIDR block of Cloud Security Scanner to the WAF whitelist. If Cloud Security Scanner is not in the WAF whitelist, the accuracy of scan results may be adversely affected.


  1. Log on to the WAF console.
  2. In the left-side navigation pane, click Management.Website Configuration
  3. On the Website Configuration page, find the target domain, and then click Policies in the Operation column.Policies
  4. In the HTTP ACL Policy module, click Settings.Settings
  5. In the HTTP ACL Policy table, click Add Rule in the upper-right corner. The Add Rule dialog box appears.
  6. In the Add Rule dialog box, set the required parameters.
    • Rule Name: Specify a name for the rule.
    • Matching Field: In the Matching Field drop-list, select IP or User-Agent, and then enter a criterion into the Matching Content input box.
      Note For a newly added rule, you only need to configure IP or User-Agent criteria. We recommend that you configure IP address criteria when you add rules.
      • Select IP.
        Note For more information about the IP addresses, submit a ticket.
      • If you do not want to configure an IP address whitelist, select User-Agent. Submit a ticket to obtain the matching content.
  7. In the Action drop-down list, select Allow.
    Note After you set the Action parameter to Allow, the rule is configured. Do not select the check boxes under Next Action, for example, Proceed to execute web application attack protection.
  8. Click Confirm.