Protection Sites Management
In WAF products, the protected server is usually configured and managed in the form of a protected site. The corresponding protection policy includes an attack detection module and a custom rule module.
Protection strategy management
This function provides the most important protection and detection capabilities, and currently cover a total of 15 types of attack detections including: SQL injection, XSS, intelligence detection, CSRF, SSRF, deserialization (Java deserialization, PHP deserialization), code injection (PHP code injection, Java code injection, ASP code injection), file upload, file inclusion, command injection, bots, and server response.
Custom rule protection is another WAF protection method, which takes effect on the site range configured by the rule.
Custom rules are used as a supplement to the protection strategy, or some emergency protection measures to detect the traffic passing through the WAF-configured site. Currently, there are four rule modes in the custom rule section: interception, release, observation, and detection module control.
SSL Certificate Management
SSL certificate management can protect HTTPS sites by configuring SSL certificates and the SSL certificates used by the system itself. When the deployment Thunder Pool is in transparent bridge or traffic mirroring mode, HTTPS traffic detection cannot be configured.