WAF can be connected with servers in data centers outside Tencent Cloud. It protects servers in any public networks, including but not limited to Tencent Cloud and clouds and IDCs of other vendors.
Note:
ICP filing issued by the MIIT is required for all connected domain names in Chinese mainland.
WAF fully supports HTTPS services. You just need to upload an SSL certificate and private key as instructed or select a Tencent Cloud-hosted certificate to make WAF protect HTTPS traffic.
Up to 20 intermediate IPs can be set for one protected domain name in WAF.
Health check is enabled in WAF by default. WAF checks the health status of all real server IPs. If a real server IP does not respond, WAF will stop forwarding requests to it until it is restored to normal status.
WAF supports session persistence, which is enabled by default.
In general, a configuration change takes effect within 10 seconds.
SaaS WAF does not support SSL two-way authentication, but CLB WAF does.
You can connect a domain name in the WAF Console. For more information, please see Step 1. Add a Domain Name.
No, you can't change it in principle. However, if an exception occurs to your WAF service, you can submit a ticket for application, and we will switch it to another working VIP address for you.
WAF performs forwarding based on domain name or IP. You can choose an option to configure as needed. For more information, please see Step 1. Add a Domain Name.
Please see CNAME Configuration for how to bind CNAME at your DNS service provider.
Once WAF is disabled, all its protection features become unavailable, and the traffic forwarding mode starts to run instead, with no logs recorded.
No, it won't. You can go to the WAF Console, click your domain name in the Domain Name List, and view the CNAME in "Basic Settings".
Was this page helpful?