Web Application Firewall

WAF is a cloud firewall service that protects core website data and safeguards the security and availability of your site.

Based on powerful Big Data cloud capabilities and underlying security, WAF provides protection against web-based attacks, including SQL injections, XSS, Malicious BOT, command execution vulnerabilities, and other common web attacks.

"Web Application Firewall protects our websites from thousands of web application attacks each day, protecting our core online assets."

• Easy Deployment: No need to install additional software or to deploy extra hardware. You can access the product and secure your website within minutes

• Shorter Response Time: Extremely short response time (milliseconds) for user requests

• Improved Monitoring and Service Systems: Offers 24/7 network-wide smart monitoring and scheduling based on service quality

• Centrally Defined Protection Rules: Nearly 1,000 protection rules, updated each day across all web applications by a dedicated defense team in order to protect from false positive rates

• Patch Synchronization: Offers 0-day web vulnerability patches synchronized globally within 24 hours

• Superior Defense: Comprehensive website security protection through precise access controls to provide powerful defense against web/flood attacks

• Security Protection: Protects thousands of data sensitive websites against millions of web attacks

• Global Synchronization: Collaborative defense captures new threats and globally synchronizes protection rules

• Big Data Learning Models: WAF utilizes a big data learning model to reduce the rate of false positives

• Real-time Metrics of Web Requests: Monitors requests that match your filter criteria and provides real-time metrics for improved visibility of your web traffic, which you can create using new rules and alerts

• Monthly Package: Offers monthly subscription with different package versions and feature specifications that you can select depending on your requirements

Alibaba Cloud Web Application Firewall (WAF) is a SaaS-based web application security service which detects illegal web requests through its built-in security strategy. As a cloud firewall service WAF modifies your website’s DNS records, so that all requests through WAF are detected in order to direct safe traffic to the site server and prohibit attacks from reaching the server.

WAF also filters out large numbers of malicious access attempts and alleviates the performance impact of HTTP/HTTPS flood attacks on servers.

Protection Rule Policies: Provides high, medium and low-protection rules/policies against common web attacks listed in OWASP.

Meets the needs of different website services regarding common GET and POST HTTP requests.

Defends against SQL injection, XSS, Webshell uploads, command injection, illegal HTTP protocol requests, attacks on common web server vulnerabilities, unauthorized access to core files, and path traversal.

Provides backdoor isolation protection, defense scans, and other security protection.

Website Stealth: Safeguards website address from being exposed to attackers, so that attacks cannot bypass the WAF and attack your website directly.

Regular 0-day Patch Updates: Synchronizes protection rules with Taobao (online shopping platform) and quickly provides patches latest vulnerabilities. These patches are immediately synchronized globally to defend all protected websites.

Multi-layer Protection: Integrated security modules protect from common web/CC attacks. WAF creates a comprehensive, multi-layer protection mechanism to accurately distinguish between trusted and malicious traffic based on actual needs.

Friendly Observation Mode: Option to enable observation mode for new website services. In this mode, WAF issues warnings for possible attacks that match the protection rules, but does not block them. This lets you collect statistics on the false positive rate of your service.

Prevention Mode: Actively blocks intrusions and attacks detected by its set rules. Attackers' requests are denied and their connection is terminated. This mode continues to log such attacks in the WAF logs file.

Fully utilizes Alibaba Cloud's advantages in big data security, threat intelligence library, and trusted access analysis models to identify malicious traffic.

Alibaba Cloud WAF is based on a monthly subscription that offers customers different packages with different feature specifications. Pricing depends on the type of package selected by the customer.

The following prices are for reference only and the final price will depend on the selected package.

Price Calculation Method: Cost of Package Version + Domain Extension Fee + Bandwidth Extension Fee

Subscription Package:

Details:

A) Different prices for different versions apply

B) If domain or bandwidth specification required by the customer exceeds the specification of the package version, an additional extension fee is applied

A technology company providing search engine and related services including a social media website platform, wishes to protect against data breaches over the network. Additionally, users want to secure its user account information from unauthorized users.

A financial institution needs to defend against large-scale volumetric DDoS and data breach attacks to maintain 100 percent availability of its web properties, including new account sales, transactions, customer service portals, mobile sites, and product and service information. Additionally, users want to protect personal and corporate information while seeing an improvement to the page load performance and responsive performance.

A social media company requiring an enterprise-level custom security policy to protect against big data hacking, user-identity theft, and user-agent protection. Alibaba Cloud WAF offers user-agent rule configuration and protects against DDoS, brute-force attacks and personal information hacks. WAF combines different security solutions through access control customization rules. It configures corresponding security policies by analyzing abnormal content, such as user-agents, URLs, and referrers. It also provides protection against WordPress pingback attacks and offers website management background logon and chain protection.

Access Alibaba Cloud WAF with the Management Console

The Alibaba Cloud Management Console provides a simple web-based user interface that allows you to access and configure web application firewalls. From the console, you can configure the domain name, port, certificate, private key, view security reports and attack details, and the security status of the current website.

Refer to the Web Application Firewall Quick Start Guide for step-by-step instructions on how to configure WAF through the management console.

To understand how Alibaba Cloud WAF operates, refer to the WAF User Guide

Alibaba Cloud Web Application Firewall (WAF) is a web application security service that protects web applications from attacks by configuring rules that allow, block, or monitor (count) requests based on defined conditions. These conditions include IP addresses, HTTP headers, HTTP bodies, URI strings, SQL injections, and XSS.

Yes, WAF can be integrated with a CDN, which can support customers not hosted on Alibaba Cloud.

The product can serve E-Commerce, O2O, financial services, online education, medical, government, and other business websites for normalized security protection.

The web application firewall places the real client IP behind the X-Forwarded-For field in the HTTP header. The IP behind the XFF field configured on the source server is the client's real IP.

Yes, the best deployment architecture is: CDN or Anti-DDoS -> Web Application Firewall (intermediate, application layer protection) -> Web server.

WAF is tightly integrated with Alibaba Cloud CDN, which is commonly used to deliver content for websites and applications. As CDN receives requests for your website/s, it forwards them to WAF for inspection against the rules defined. Once a request meets a condition as per the defined rules, WAF instructs the CDN to either block or allow the request based on the action you define. WAF stops blocked requests before they reach your web servers.

WAF helps protect your website from common attack techniques such as SQL injections, HTTP FLOOD attacks, and Cross-Site Scripting (XSS). You can also create rules that block attacks from specific user-agents, bad bots, or content scrapers.