Access SaaS Version UWAF
The SaaS version of UWAF is a product that is deployed in front of the Web server and provides protection for businesses through forwarding proxies. By detecting the content of traffic, it resists attack behaviors including SQL injection, XSS attacks, vulnerability attacks, and malicious scanning. It escorts the normal operation of the website.
Before accessing UWAF:
After accessing UWAF:
Purchase UWAF
Log in to the UCloud Global console, select UWAF from the product list: [All Products] -> [Security Protection] -> [WEB Application Firewall UWAF], then click [Start Using] (if not activated, please activate the service first).
Parameter Description
| Parameter | Description |
|---|---|
| Type | The regional type of UWAF deployment, which includes mainland China, Hong Kong, Macao, Taiwan, overseas regions, and ULB special zones |
| Region | The working area generated by domain name configuration |
| Version Type | Different versions of UWAF, for detailed version differences, function, and performance comparison, please check the version selection |
| Extended Bandwidth | Additional bandwidth extensions can be provided when the bandwidth quota provided by the version does not meet business needs |
| Domain Name Expansion Package | Extra domain name extensions can be provided when the number of domain names provided by the version does not meet business needs |
| Exclusive IP points | The IP points can assign an exclusive protection IP to the user’s domain name, and additional points can be provided outside the version quota |
| Log Expansion Package | Offer 180 days of log storage and download services to meet equal protection requirements, flagship version and above comes with log expansion package |
| Advanced Features | Advanced features apart from the basic Web protection function, for specific descriptions, please check function description |
| IPv6 | IPV6 extension pack, when enabled, an additional domain name can be deployed to the IPv6 region to provide IPv6 access |
| Customized Requirements | You can adjust some functions that can’t be adjusted on the console as needed, please consult the technical support for details |
After purchasing the appropriate UWAF, you can connect your business to UWAF according to the following steps.
Add Domain Name
-
Click [Domain Management] -> [Add Domain]
-
Fill in the domain name and corresponding domain name source station address in the pop-up window, the domain name can be a generic domain name or a complete subdomain. After clicking [OK], obtain the generated CNAME information on the interface, after adding the domain name, you can click [Edit] after the corresponding domain name in [Domain Management] to modify the domain name
-
Show of Domain Information
-
For HTTPS sites, you need to upload the SSL certificate of the site. If the certificate is purchased from USSL or the certificate is hosted on USSL, the certificate of the corresponding domain name will be automatically pulled when the HTTPS site is added.
Explanation of each domain name configuration can be found here.
!> Note:
The domain name must be filed already, domain names that are not filed cannot be added. Hong Kong, Macao, and Taiwan and overseas regions are not restricted by filing.
Local Test
- Use the ping command to get the IP address corresponding to the CNAME protection domain name
- Open the hosts file, modify the client’s hosts record, and point the site domain name to the IP address obtained in step 1)
?> Explanation:
Windows system hosts file path: c:\windows\system32\drivers\etc\hosts
macOS system hosts file path: /private/etc/hosts
Linux system hosts file path: /etc/hosts
Modify DNS Record
After obtaining the CNAME value of the corresponding domain name, you need to add a CNAME record at the DNS service provider, correctly resolve the site’s domain name to the CNAME protection domain name provided by UWAF, if you use DNSPod’s resolution service, you can add a CNAME record to the DNSPod console, as shown in the following figure.
Test Whether the Configuration is Correct
To verify whether the CNAME resolution is completed, proceed as follows:
- On the Windows operating system, use the shortcut
WIN + R, typecmdin the pop-up box and press Enter; in Linux or macOS, open any console - Execute the command
nslookup -querytype=cname xxxxxx.uewaf.com - If the command execution result shows the configured CNAME protection domain name or the IP obtained by resolving the CNAME protection domain name, it means the configuration is successful
Mode Selection
After the user completes DNS configuration, please pay attention to check whether the domain name is now in interception mode. If not, you need to select the working mode of the domain name as interception mode in [Protection Settings]. Turn on the protection function of UWAF.