Find answers to common questions about Web Application Firewall (WAF) 3.0, organized by topic.
Product capabilities (12 questions)
Can the exclusive IP address of WAF defend against DDoS attacks?
How do I configure WAF to pass the original client IP to my origin server via a custom header?
Is it possible to set up a cross-account architecture with CDN, Anti-DDoS, and WAF?
Which TLDs (top-level domains) are supported for domains added to WAF using CNAME record mode?
How can I use WAF to protect multiple origin servers behind a single domain name?
What is the correct way to integrate WAF 3.0 with CDN or Anti-DDoS services?
Does WAF support proxying for WebSocket, HTTP/2, or SPDY protocols?
Can WAF protect a web application that uses NT LAN Manager (NTLM) authentication?
What is the scope of the QPS limit in WAF: the entire instance or a single domain?
Resource onboarding configuration (11 questions)
What's the difference between an "Origin Server IP" and a "Back-to-Origin IP" in WAF?
Is it possible to use both transparent proxy mode and CNAME record mode for the same domain in WAF?
How do I add a domain to WAF when its DNS record resolves to multiple cloud instances?
How do I protect multiple domains with WAF when they all resolve to a single cloud instance?
How can I find my WAF instance's back-to-origin IP ranges and its assigned CNAME record?
Why are my SLB, NLB, or ECS instances not appearing in the list of resources to add to WAF?
Should I use the public or private IP of my ECS instance as the origin server IP in WAF?
Why do I get an "CLB instance certificate is incomplete" error when adding an HTTPS listener in WAF?
What is the correct way to update an expiring SSL certificate in WAF?
How can my origin server get the real client IP when using WAF's cloud native mode?
How can I prevent attackers from bypassing WAF and directly attacking my origin server's public IP?
Troubleshooting (13 questions)
What are the common causes for 502 bad gateway errors after routing traffic through WAF?
Why are file uploads failing with a timeout or error after I enabled WAF?
I've added my domain to WAF, so why is it not showing up in the domain list?
How do I troubleshoot general website access errors after enabling WAF?
How do I troubleshoot HTTPS connection errors after enabling WAF?
How can I troubleshoot and resolve 405 method not allowed errors returned by WAF?
Why am I getting an "Invalid HTTPS private key format" error when uploading a certificate to WAF?
How do I resolve a "certificate and private key mismatch" error in WAF?
Why are user login sessions being lost after passing through WAF, and how do I fix it?
Why can't my mini program connect to its backend API after I enabled WAF?
Why are only some users or clients unable to access my site after it was added to WAF?
What should I do when my WAF instance is under blackhole filtering?