- WAF Release Notes
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- FAQS
- Security Advisory
- Command Execution Vulnerability in Exchange Server
- SQL Injection Vulnerability in Yonyou GRP-U8
- XXE Vulnerability in Apache Cocoon (CVE-2020-11991)
- Arbitrary Code Execution Vulnerability in WordPress File Manager
- Jenkins Security Advisory for September
- Remote Code Execution Vulnerabilities in Apache Struts 2 (CVE-2019-0230 and CVE-2019-0233)
- SQL Injection Vulnerability in Apache SkyWalking (CVE-2020-13921)
- WAF Policy
- Glossary
- WAF Release Notes
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- FAQS
- Security Advisory
- Command Execution Vulnerability in Exchange Server
- SQL Injection Vulnerability in Yonyou GRP-U8
- XXE Vulnerability in Apache Cocoon (CVE-2020-11991)
- Arbitrary Code Execution Vulnerability in WordPress File Manager
- Jenkins Security Advisory for September
- Remote Code Execution Vulnerabilities in Apache Struts 2 (CVE-2019-0230 and CVE-2019-0233)
- SQL Injection Vulnerability in Apache SkyWalking (CVE-2020-13921)
- WAF Policy
- Glossary
Connection
Can I use WAF for servers outside Tencent Cloud?
WAF can be connected with servers in data centers outside Tencent Cloud. It protects servers in any public networks, including but not limited to Tencent Cloud and clouds and IDCs of other vendors.
Note:
ICP filing issued by the MIIT is required for all connected domain names in Chinese mainland.
Does WAF support HTTPS protection?
WAF fully supports HTTPS services. You just need to upload an SSL certificate and private key as instructed or select a Tencent Cloud-hosted certificate to make WAF protect HTTPS traffic.
How many intermediate IPs can be set for one protected domain name in WAF?
Up to 20 intermediate IPs can be set for one protected domain name in WAF.
Does WAF support health check?
Health check is enabled in WAF by default. WAF checks the health status of all real server IPs. If a real server IP does not respond, WAF will stop forwarding requests to it until it is restored to normal status.
Does WAF support session persistence?
WAF supports session persistence, which is enabled by default.
How long does it take for configuration changes in the WAF Console to take effect?
In general, a configuration change takes effect within 10 seconds.
Do both SaaS and CLB WAF support SSL two-way authentication?
SaaS WAF does not support SSL two-way authentication, but CLB WAF does.
Domain Name
How do I connect a domain name?
You can connect a domain name in the WAF Console. For more information, please see Step 1. Add a Domain Name.
Can I change the VIP address of my domain name?
No, you can't change it in principle. However, if an exception occurs to your WAF service, you can submit a ticket for application, and we will switch it to another working VIP address for you.
What options does WAF offer for domain name forwarding?
WAF performs forwarding based on domain name or IP. You can choose an option to configure as needed. For more information, please see Step 1. Add a Domain Name.
How do I bind a CNAME record to my domain name connected to WAF?
Please see CNAME Configuration for how to bind CNAME at your DNS service provider.
Will the logging feature still be available once WAF is disabled in the domain name list?
Once WAF is disabled, all its protection features become unavailable, and the traffic forwarding mode starts to run instead, with no logs recorded.
Will the CNAME change if my domain name is deleted and added again?
No, it won't. You can go to the WAF Console, click your domain name in the Domain Name List, and view the CNAME in "Basic Settings".
Yes
No
Was this page helpful?