Web Application Firewall (WAF) is an all-in-one service that protects your websites and applications. You can use WAF to prevent data breaches, HTTP flood attacks, webshells, and web page tampering. WAF also provides virtual patches. After you enable WAF for an Application Load Balancer (ALB) Ingress, network traffic is filtered by WAF before it is routed to ALB listeners. This topic describes how to enable WAF for an ALB Ingress.
Enable WAF when you create an ALB Ingress
StandardWithWaf. The following code block provides an example. For more information, see Access Services by using an ALB Ingress and Configure AlbConfig objects.
apiVersion: alibabacloud.com/v1 kind: AlbConfig metadata: name: alb-demo spec: config: name: alb-test addressType: Internet edition: StandardWithWaf zoneMappings: - vSwitchId: vsw-2zee5b2w0bgkaundk2lne - vSwitchId: vsw-2zeajfktcyxs0ru1xfiqo
Enable WAF for an existing ALB Ingress
Modify the YAML file of the corresponding AlbConfig object by changing the value of
StandardWithWaf. For more information, see Configure AlbConfig objects.