The Overview page allows you to get an overall picture of the security status of your domain name.
Security Overview
1. Log in to the WAF console and select Overview on the left sidebar. Then open the Security Overview tab.
2. Select a domain name to view data that measures the security status of the domain name.
Instance Overview
To view expired instances under your account, select a domain name and click Include x instances.
Rule Updates
By clicking See more in the rule updates section, you can view WAF supported rules in detail.
Attacks Overview
All domain names
1. When "All domain names" is selected, all attack data are displayed. You can also set a time range to display data you want to see.
2. At the lower part of the page, you can view the following information including top 5 domain names by web attacks, top 5 attacker IPs, and top 5 domain names by CC attacks.
Field description:
Top 5 domain names by web attacks: It displays five domain names that suffer web attacks most frequently.
Top 5 attacker IPs: It displays five IPs that initiate attacks most frequently.
Top 5 domain names by CC attacks: It displays five domain names that suffer CC attacks most frequently.
Top 5 requester IPs: It displays five IPs that send access requests most frequently.
Distribution of attacker IPs: It displays how the attacker IPs distribute across regions.
Types of attacks (%): It displays the distribution of the attack types.
Types of browsers (%): It displays the distribution of the browser types.
Single domain name
1. When a specific domain name is selected, the corresponding attack data is displayed. You can also set a time range to display data you want to see.
2. At the lower part of the page, you can view the following information including top 5 attacker IPs, top 5 requester IPs and distribution of attacker IPs.
Field description:
Top 5 attacker IPs: It displays five IPs that initiate attacks most frequently.
Top 5 requester IPs: It displays five IPs that send access requests most frequently.
Distribution of attacker IPs: It displays how the attacker IPs distribute across regions.
Types of attacks (%): It displays the distribution of the attack types.
Types of browsers (%): It displays the distribution of the browser types.
Overview of Security Analysis
Basic security analysis: It displays the number of web attacks on the selected domain name during the specified period.
Application operation analysis: It displays the QPS and bandwidth of the selected domain name on the left, and top 5 slowest pages and top 5 most visited pages on the right.
If the actual business QPS peak exceeds the user instance specification value or 80% of the specification value, the QPS trend analysis page will display the corresponding WAF instance specification value.
If All Resources is selected, the trend graphs of the most recent 3 instances exceeding the limit will be displayed by default, along with their QPS specification values.
If a single WAF instance resource is selected, the instance specification value and corresponding over-limit alert events will be displayed by default. For the detailed calculation method of the WAF instance QPS rule value, please refer to Sandbox Isolation Status.
Application security analysis: It displays the bot information of the selected domain name during the specified period. To view more details, you can click View bot traffic analysis.
