All Products
Search
Document Center

Edge Security Acceleration:Configure basic web protection

Last Updated:Jan 04, 2024

Basic web protection uses the built-in protection rule set to defend against common web attacks. The attacks include SQL injection, cross-site scripting (XSS) attacks, webshells, command injection, backdoor isolation, invalid file requests, path traversal, and exploitation of common vulnerabilities.

Prerequisites

Default rules for basic web protection

Basic web protection provides a built-in basic protection rule set (Default_WafGroup_Rule). Default_WafGroup_Rule is used to protect against common web application attacks.

By default, the default rule set is enabled and the Block action is used. The new domain names that are added to WAF are protected by the default rule set of basic web protection. If WAF detects that a request matches a basic protection rule, WAF blocks the request and returns a block page to the client that sent the request.

默认规则

Create a basic web protection policy

  1. Log on to the DCDN console.

  2. In the left-side navigation pane, choose WAF > Protection Policies.

  3. On the Protection Policies page, click Create Policy.

  4. On the Create Policy page, configure the parameters. The following table describes the parameters.

    Section

    Parameter

    Description

    Policy Information

    Policy Type

    The type of the protection policy. Select Basic Web Protection.

    Policy Name

    The name of the protection policy. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_).

    Make Default

    Specifies whether the current policy is the default policy of the current policy type.

    Note
    • You can specify only one default policy for each policy type. After you specify a default policy, you cannot change the default policy.

    • If you have specified the default policy for the current policy type, this switch is unavailable.

    Rule Information

    Rule Group Type

    The type of the rule group that is used to protect against attacks.

    • Default: the built-in rule group of Alibaba Cloud Security.

    • Custom: a custom rule group.

    Rule

    The action that you want to perform on requests when WAF detects attacks.

    • Block: blocks requests that match the rule and returns a block page to the client.

    • Monitor: does not block the request that matches the rule.

    The first time that you configure a rule, you can set the Action parameter to Monitor to check the protection performance of the rule and whether legitimate requests are blocked. Then, you can determine whether to set the Action parameter to Block based on the check results.

    Protected Domain Names

    Protected Domain Names

    The domain name that you want to associate with the current protection policy.

    Note

    You can associate a protected domain name with only one protection policy of the same policy type.

    If the domain name is associated with another protection policy of the same type, the domain name is associated with the current policy after you configure the current policy for the domain name.

  5. Click Create Policy.

    By default, the protection policy that you created is enabled.

Manage basic web protection policies

After you create a basic web protection policy, you can click Modify to modify the rule that is configured for the policy or click Delete to delete the rule in the Actions column in the protection policy list. For example, you can click Modify to change the value of the Action parameter from Block to Monitor.管理Web基础防护策略

Related API operations