Web Application Firewall:Purchase a pay-as-you-go WAF 3.0 instance

Purchase instructions

The pay-as-you-go billing method allows you to use resources before you pay for the resources. You are charged based on your resource usage. Fees are deducted from the balance of your Alibaba Cloud account after bills are generated at the end of each billing cycle.

For more information about pay-as-you-go WAF instances, see the following documents:

• What are the features supported by pay-as-you-go WAF instances?

• How are the features supported by pay-as-you-go WAF instances billed?

• How do I view the bills for a pay-as-you-go WAF instance?

Prerequisites

Make sure that your Alibaba Cloud account does not have a WAF instance. If your Alibaba Cloud account has a WAF 2.0 instance, you must release the WAF 2.0 instance before you purchase a WAF 3.0 instance. For information about how to release a WAF 2.0 instance, see Terminate the WAF instance.

Procedure

1. Go to the Web Application Firewall 3.0 (Pay-as-you-go) buy page.

2. Set the Billing Method parameter to Pay-as-you-go. Then, configure the other parameters based on your business requirements. The following table describes the parameters.

   Parameter	Description
   Region	Select the region where the WAF 3.0 instance resides. Valid values: Chinese Mainland and Outside Chinese Mainland.
   Version	Select the version of the WAF 3.0 instance. By default, the value is set to Pay-as-you-go 3.0. You do not need to configure this parameter.
   Traffic Billing Protection Threshold	Specify a threshold value for traffic billing protection. The following section describes the maximum threshold values that are supported by a pay-as-you-go WAF instance for traffic billing protection. By default, the threshold value for traffic billing protection of a pay-as-you-go WAF instance is set to the maximum value. Chinese mainland: 100,000 QPS. Outside the Chinese mainland: 10,000 QPS. If the peak QPS bound for a WAF instance exceeds the specified threshold value for traffic billing protection, the WAF instance is added to a sandbox. You are not charged traffic processing fees or feature fees that are generated in the hour when the WAF instance is added to a sandbox. Important If a WAF instance is added to a sandbox, the Service Level Agreement (SLA) is no longer guaranteed and service access exceptions may occur. The service access exceptions include but are not limited to packet loss, rate limiting, limited connections, failed protection, log data exceptions, report data exceptions, access timeout, traffic scrubbing that is triggered by DDoS attacks, and blackhole filtering. To prevent service access exceptions, we recommend that you change the threshold value for traffic billing protection at the earliest opportunity. For more information, see The sandbox feature. For more information about the traffic billing protection feature, see Traffic billing protection.

3. After you confirm the configurations, click Buy Now and complete the payment.

Related operations

• If you purchase a pay-as-you-go WAF 3.0 instance, you can also purchase a security capacity unit (SeCU) resource plan on the WAF 3.0 SeCU Resource Plan buy page to offset fees and reduce costs. For more information, see SeCU resource plan.

• If you no longer require a WAF 3.0 instance, you can release the WAF 3.0 instance. For more information, see Terminate the WAF service.

What to do next

After you purchase a WAF 3.0 instance, perform the following operations to use WAF 3.0 to protect your services:

1. Add your services to WAF 3.0. For more information, see Website configuration overview.

2. Configure protection policies for protected objects that are added to WAF 3.0. For more information, see Protection configuration overview.

3. View protection data. For more information, see View security reports.