检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Precautions Before configuring an access control policy on an origin server, ensure that you have connected all domain names of websites hosted on Elastic Cloud Server (ECS) or having Elastic Load Balance (ELB) deployed to WAF.
LTS to Query and Analyze WAF Access Logs Using LTS to Analyze How WAF Blocks Spring Core RCE Vulnerabilities Using LTS to Configure Block Alarms for WAF Rules Origin server security configuration Using WAF to Improve Connection Security Configuring an Access Control Policy on an ECS
*:get*", "ecs:*:list*", "elb:*:get*", "elb:*:list*" ], "Effect": "Allow" } ] }
Locate the row containing the ECS hosting your website. In the Name/ID column, click the ECS name to go to the ECS details page. Click the Security Groups tab. Then, click Change Security Group.
You can ignore this parameter. specification String Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB serverId String ID of the ECS hosting the dedicated engine create_time Long Time the dedicated WAF instance is created.
Please check configurations check configurations 400 WAF.00015005 premium.instance.illegal.flavor Illegal ECS flavor of dedicated WAF instance Change the ECS specifications. 400 WAF.00015006 premium.instance.purchase.config.not.found Purchase options of Premium WAF is not configured
NOTE: WAF also provides the ECS type of WAF instance. This type of WAF instance is deployed on your own ECSs. You can view the ECSs housing your WAF instances on the ECS console. To use this type of WAF instance, submit a service ticket.
The inbound and outbound traffic of the origin ECS you view on the ECS console is the normal traffic. If there are multiple ECSs, collect statistics on the normal traffic of all ECSs.
The inbound and outbound traffic of the origin ECS you view on the ECS console is the normal traffic. If there are multiple ECSs, collect statistics on the normal traffic of all ECSs.
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region.
For WAF instances of the ECS type, select a flavor based on what are available on the console.
instance name to view the ECS specifications for the instance.
You can ignore this parameter. specification String Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB hosts Array of IdHostnameEntry objects Domain name protected by the dedicated engine. serverId String ID of the ECS hosting the dedicated engine. create_time Long
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region.
The inbound and outbound traffic of the origin ECS you view on the ECS console is the normal traffic. If there are multiple ECSs, collect statistics on the normal traffic of all ECSs.
You can ignore this parameter. specification String Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB serverId String ID of the ECS hosting the dedicated engine. create_time Long Time the dedicated WAF instance is created.
Configuring ECS and ELB Access Control Policies to Protect Origin Servers This topic describes how to protect origin servers deployed on ECSs or added to ELB backend server groups. It helps you: Identify publicly accessible origin servers.
You can ignore this parameter. specification String Dedicated engine ECS specifications, for example, 8 vCPUs | 16 GB serverId String ID of the ECS hosting the dedicated engine create_time Long Time the dedicated WAF instance is created.
Locate the row containing the ECS hosting your website. In the Name/ID column, click the ECS name to go to the ECS details page. Click the Security Groups tab. Then, click Change Security Group. Click the security group name to view the details.
Configuring Origin Server Security Using WAF to Improve Connection Security Configuring an Access Control Policy on an ECS or ELB to Protect Origin Servers
