tencent cloud

Web Application Firewall

Release Notes and Announcements
Release Notes
Product Announcement
Security Advisory
Product Introduction
Overview
Product Category
Strengths
Scenarios
Plans and Editions
Supported Regions
Basic Concepts
Getting Started
Getting Started
FAQs for Beginners
Operation Guide
Overview
Connection Management
Security Operations
Protection Policies
Service Settings
プラクティスチュートリアル
WAF CCP Overview
Bot Management
API Security
Integration
Protection Configuration
FAQS
Product Consultation
Connection
Usage
Permissions
Sandbox Isolation Status
WAF ポリシー
プライバシーポリシー
データ処理とセキュリティ契約
ドキュメントWeb Application FirewallFAQSConnection Associated Product

Associated Product

PDF
フォーカスモード
フォントサイズ
最終更新日: 2023-12-29 14:56:53

How do I use WAF together with CDN or Anti-DDoS Pro services?

You can use WAF with Anti-DDoS Pro directly, or use it with CDN by setting the CDN origin server IP as the IP of a WAF instance. Recommended deployment architecture: Client > CDN > WAF + Anti-DDoS Pro > CLB > Real server.
If you need the CDN and Anti-DDoS capabilities, simply set the CNAME provided after the connection to WAF as the CDN origin server, and associate Anti-DDoS Pro with the WAF instance. In this way, the user traffic, after going through CDN, is forwarded to WAF, which has the capability of cleansing high-traffic DDoS attacks, and finally reaches the real server for full protection.

How do I connect a CDN domain name to WAF?

To connect a CDN domain name, simply use the CNAME address that WAF assigned for your domain name as the CDN real server. The content is pulled from the origin as traffic flows in the order "user > CDN > WAF > CLB > real server". Meanwhile, you can log in to the WAF console, and select Yes for Use proxy on the Add domain name page. Then, WAF obtains the real IP of your client for protection based on the XFF field in HTTP headers.


前の記事へ: CNAME次の記事へ: Usage

ヘルプとサポート

この記事はお役に立ちましたか?

フィードバック