Alibaba Cloud Web Application Firewall (WAF) 3.0 identifies malicious traffic of functions and applications, scrubs and filters out malicious traffic, and returns normal traffic to backend functions to protect your functions against malicious intrusions. This topic describes how to enable WAF for a custom domain name in the Function Compute console.
Background
After you integrate WAF 3.0 with Function Compute, WAF 3.0 can be used to protect custom domain names and provide end-to-end security protection for your websites or applications.
Limits
The WAF feature for custom domain names in Function Compute is available only in the following regions: China (Hangzhou), China (Shanghai), China (Beijing), China (Shenzhen), and China (Zhangjiakou).
Billing overview
After you enable the WAF feature for a custom domain name, you are charged based on the usage of WAF 3.0. For more information, see Overview.
Prerequisites
A WAF 3.0 instance is purchased. For more information, see Purchase a subscription WAF 3.0 instance or Activate a pay-as-you-go WAF 3.0 instance.
Procedure
You can enable the WAF feature for a custom domain name when you create the custom domain name. You can also enable the WAF feature for an existing custom domain name.
Enable the WAF feature when you create a custom domain name
Log on to the Function Compute console. In the left-side navigation pane, choose .
In the top navigation bar, select the region where you want to create a custom domain name. On the Custom Domains page, click Add Custom Domain Name.
On the Add Custom Domain Name page, configure the Domain Name parameter. In the WAF Settings section, set Web Application Firewall (WAF) to Enable and click Create.
For more information about the parameters to create a custom domain name, see the "Step 3: Add the custom domain name" section of the Configure a custom domain name topic.
Enable the WAF feature for an existing custom domain name
Log on to the Function Compute console. In the left-side navigation pane, choose .
On the Custom Domains page, find the custom domain name for which you want to enable the WAF feature and click Modify in the Actions column.
On the Modify Custom Domain Name page, set Web Application Firewall (WAF) parameter to Enable and click Save.
What to do next
After the WAF feature is enabled for a custom domain name, traffic to access websites are passed through and protected by WAF. WAF provides multiple features to protect your website against different types of attacks. By default, the protection rules engine feature and the HTTP flood protection feature are enabled. The protection rules engine feature protects websites against common web attacks, such as SQL injections, cross-site scripting (XSS) attacks, and webshell uploads. The HTTP flood protection feature protects websites against HTTP flood attacks. You must manually enable other features of WAF and configure protection rules based on your business requirements. For more information, see Protection configuration overview.