This topic describes how to resolve the issue of logon status loss after web services are added to Web Application Firewall (WAF).
Problem description
After a website is added to WAF, logon status information may be lost, or other issues related to logon status may occur. Possible causes:
The website is hosted on multiple Elastic Compute Service (ECS) instances and WAF is deployed together with a Server Load Balancer (SLB) instance. However, session synchronization is not configured.
Originating IP addresses of clients are not obtained from the X-Forwarded-For header.
Solution
Configure session synchronization for the ECS instances.
For co-deployment of WAF and SLB, use Layer 7 HTTP forwarding, enable session persistence, and implement cookie-based session persistence.
Obtain the originating IP addresses of clients from the X-Forwarded-For header.
For more information, see Retrieve the originating IP addresses of clients.
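The following added example (not part of the original topic or of any WAF product code) shows one way an application behind WAF and SLB can derive a stable client IP from X-Forwarded-For, so that IP-bound logon state does not change when requests arrive through different WAF nodes. The network ranges, sample requests, and the names client_ip and resolve_samples are assumptions constructed for illustration; replace the ranges with the actual back-to-origin and SLB addresses of your deployment.

```python
import ipaddress

# Constructed placeholder ranges standing in for the WAF back-to-origin
# addresses and the internal SLB addresses (assumptions, not real values).
TRUSTED_PROXIES = [ipaddress.ip_network(n)
                   for n in ("198.51.100.0/24", "10.0.0.0/8")]


def _is_trusted(ip):
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(remote_addr, xff_header):
    """Return the originating client IP for a request received via WAF/SLB.

    The header is honoured only when the direct peer is a trusted proxy, and
    the chain is walked right to left so that entries a client placed in the
    header itself are never selected.
    """
    peer = ipaddress.ip_address(remote_addr)
    if not xff_header or not _is_trusted(peer):
        return str(peer)
    candidate = peer
    for hop in reversed([h.strip() for h in xff_header.split(",")]):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: keep the last valid address seen
        candidate = ip
        if not _is_trusted(ip):
            break  # first non-proxy address from the right is the client
    return str(candidate)


# Constructed sample requests: (direct peer address, X-Forwarded-For value).
SAMPLES = [
    ("10.0.0.5", "203.0.113.7, 198.51.100.10"),   # via WAF node A, then SLB
    ("10.0.0.5", "203.0.113.7, 198.51.100.23"),   # same client, WAF node B
    ("10.0.0.5", "192.0.2.99, 203.0.113.7, 198.51.100.10"),  # client-set entry
    ("203.0.113.50", "10.0.0.1"),                 # request that bypassed WAF
]


def resolve_samples():
    return [client_ip(peer, xff) for peer, xff in SAMPLES]
```

The first two samples resolve to the same address even though they passed through different WAF nodes, which is what keeps IP-bound logon state intact.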