
Web Application Firewall: What is Web Application Firewall

Last Updated: Jun 25, 2026

Web Application Firewall (WAF) provides one-stop security protection for your websites and app services. WAF identifies malicious patterns in web traffic, cleans and filters that traffic, and forwards only normal, safe traffic to your servers. This prevents attacks from degrading the performance of your web servers and protects both the business security and the data security of your website.

Important

This document describes the features of WAF 2.0. WAF 3.0 is a next-generation product built on a completely new underlying architecture, with new billing specifications and a new console experience. WAF 2.0 is no longer available for new purchases; only WAF 3.0 can be purchased and activated. Existing users who have deployed WAF 2.0 can continue to use, renew, and upgrade their instances as before.

Features

The following table lists each feature category and its description.

Business Configuration

Protects the HTTP and HTTPS traffic of your websites.

Web Application Security Protection

  • Common attack defense: Defends against common OWASP threats, including SQL injection, cross-site scripting (XSS), WebShell uploads, backdoor attacks, command injection, illegal HTTP protocol requests, common web server vulnerability attacks, CSRF, unauthorized access to core files, path traversal, and website scanning.

  • Website hiding: Does not expose the real IP address of your site to attackers, preventing them from bypassing WAF to directly attack your site.

  • 0-day patch updates: Promptly updates vulnerability patches to ensure website security.

  • Observation mode: For newly launched services, alerts on suspected attacks without blocking them, which helps you analyze false positives.

Deep Precise Protection

  • Protocol parsing: Fully parses multiple common HTTP protocol data formats, including arbitrary header fields, form data, multipart, JSON, and XML.

  • Encoding and decoding: Supports URL encoding, JavaScript Unicode encoding, HEX encoding, HTML entity encoding, Java/PHP serialization encoding, Base64, UTF-7/8, and mixed nested encoding.

  • Preprocessing mechanism: Provides space compression, comment pruning, and special character processing to provide precise and accurate data sources for the detection engine.

  • Detection capability: Supports detection in complex data format environments while keeping detection logic complexity reasonable, which reduces false positives. Adaptively decodes multiple data encoding formats so that encoding cannot be used to bypass detection.

HTTP Flood Attack Protection

  • Rate limiting: Controls the access frequency of a single source IP address and provides protection based on redirect verification and CAPTCHA.

  • Slow attack defense: Defends against massive slow-rate request attacks by combining response codes, URL request distribution, and anomalous Referer and User-Agent characteristics for comprehensive protection.

  • Intelligence analysis: Leverages Alibaba Cloud's big data security advantages to build threat intelligence and trusted access analysis models for quickly identifying malicious traffic.

Precise Access Control

  • Policy configuration: Provides a graphical configuration interface that supports condition combinations based on common HTTP fields such as IP address, URL, Referer, and User-Agent to configure powerful precise access control policies.

  • Scenario protection: Supports protection scenarios such as hotlink protection and website backend protection.

  • Comprehensive protection: Integrates with web common attack protection and HTTP flood attack protection modules to build a multi-layer comprehensive protection mechanism that easily identifies trusted and malicious traffic.

Virtual Patching

Before an official patch for a web application vulnerability is released and applied, quickly provides protection by adjusting web protection policies.

Attack Event Management

Supports centralized management and statistics of attack events, attack traffic, and attack scale.

Flexibility and Reliability

  • Load balancing: Provides services in a cluster mode with load balancing across multiple servers and supports multiple load balancing strategies.

  • Smooth scaling: Can reduce or increase the number of cluster servers based on actual traffic conditions to achieve elastic scaling of service capacity.

  • High availability: No single point of failure. A single server going down or undergoing maintenance does not affect normal service.

For more product information, see the Web Application Firewall product page.

Benefits

The following table lists each benefit and its description.

10+ Years of Cybersecurity Experience

  • Built on more than 10 years of cybersecurity experience within Alibaba Group, providing the same security experience as successful application cases such as Taobao, Tmall, and Alipay.

  • A professional security team provides services for you.

  • Defends against known OWASP vulnerabilities and continuously fixes and discloses vulnerabilities.

Defense Against HTTP Flood Attacks and Crawler Attacks

  • Helps you defend against and mitigate HTTP flood attacks.

  • Helps you defend against web crawlers and avoid network resource consumption.

  • Detects and blocks malicious requests to help you reduce bandwidth consumption, prevent depletion of database, SMS, and API resources, reduce response latency, and avoid server downtime.

  • Supports custom protection rules for diverse business scenarios.

Integrated Big Data Capabilities

  • Defends against hundreds of millions of cyber attacks every day.

  • Has a rich IP address database.

  • Has extensive application cases and in-depth research on the patterns, methods, and signatures of various common cyber attacks.

  • Big data analysis continuously integrates advanced technologies.

Simplicity and Reliability

  • Deployed and activated within 5 minutes.

  • No software or hardware installation required, and no routing configuration adjustments needed.

  • The protection cluster avoids single points of failure and provides redundancy.

  • High performance for protection traffic processing.

Scenarios

WAF is suitable for all users both on and outside Alibaba Cloud, primarily used for web application security protection across various industries such as finance, e-commerce, O2O, Internet+, gaming, government, and insurance.

Note

WAF supports protection only through domain names. Direct access using IP addresses is not supported.

How to use WAF

After purchasing WAF, you can add your website domain name to WAF for protection using either CNAME access or transparent access.

  • CNAME Access

    Whether your origin server is deployed on or off Alibaba Cloud, you can use CNAME access to connect it to WAF.

    CNAME access adds the website information you want to protect to the WAF console and modifies the DNS resolution of your website domain (setting a CNAME record) to forward web requests to WAF for protection. For more information, see Add a domain name.

  • Transparent Access

    If your origin server is an ECS instance or deployed on an Alibaba Cloud Internet-facing SLB instance, in addition to CNAME access, you can also choose cloud-native transparent access.

    Transparent access adds the website information you want to protect to the WAF console without modifying the DNS resolution settings of your domain, and forwards the origin server request traffic to WAF for protection. For more information, see Transparent proxy mode.

Compliance certifications

WAF has obtained multiple international authoritative certifications, including ISO 9001, ISO 20000, ISO 22301, ISO 27001, ISO 27017, ISO 27018, ISO 27701, ISO 29151, BS 10012, CSA STAR, MLPS Level 3, SOC 1/2/3, C5, HK Financial, OSPAR, and PCI DSS.