Microservices Engine:Enable route-level WAF protection

How instance-level and route-level WAF protection work together

MSE supports two levels of WAF protection. You can use them independently or together.

Prerequisites

Before you begin, make sure that you have:

• An MSE cloud-native gateway with at least one route configured

• Permissions to manage WAF settings in the MSE console

Enable route-level WAF protection for a route

1. Log on to the MSE console, and select a region in the top navigation bar.

2. In the left-side navigation pane, choose Cloud-native Gateway > Gateways. On the Gateways page, click the ID of the gateway.

3. In the left-side navigation pane, click Routes. Then, click the Routes tab.

4. Click the name of the target route. On the route details page, click the Policies tab, and then click WAF.

5. In the WAF section, click Enable Route-level WAF Protection (Recommended).

6. In the confirmation dialog box, click OK.

Default protections after enablement

After you enable route-level WAF protection, WAF detects and filters all access traffic to the route. The following two protection features are enabled by default:

All other WAF features are disabled by default. To enable additional protection features or configure custom protection rules, see Overview of WAF features.

See also

• Enable WAF protection: Enable instance-level WAF protection for an entire gateway