Overview
The leak protection feature replaces the sensitive information returned in your web pages, such as mobile numbers and ID numbers.
Configuration samples
- Log in to the WAF Console, and click Web Application Firewall > Defense settings in the left sidebar. In the domain name list, select the domain name of the site you want to protect. In the Operation column on the right, click Defense configuration to enter the details page, and select Leak Resistance>Add a Rule.

- In the “Add leak resistance rule” page, enter the rule name, add a condition by selecting “Sensitive info” for Field, “includes” for Condition, and “ID card” or “Mobile” for Content, select an action, “Replace” or “Observe”, and then click Confirm.

- Once the rule takes effect, it will begin protecting the sensitive information returned in your web pages as shown in the example below (demo content):
- Before protection:

- After protection:

Previous: Custom Rules
Next: Region Blocking
Was this page helpful?