Switching WAF Working Mode

You can change the working mode of WAF. WAF can work in Enabled or Suspended mode.

Prerequisites

The domain name of the website to be protected has been connected to WAF.

Application Scenarios

  • Enabled: In this mode, WAF defends your website against attacks based on configured policies.

  • Suspended: If a large number of normal requests are blocked, for example, status code 418 is frequently returned, then you can switch the mode to Suspended. In this mode, your website is not protected because WAF only forwards requests. It does not scan for or log attacks. This mode is risky. You are advised to use the false alarm masking rules to reduce false alarms.

Impact on the System

In the Suspended mode, your website is not protected because WAF only forwards requests. It does not scan for attacks. To avoid normal requests from being blocked, configure false alarm masking rules, instead of using the Suspended mode.

Procedure

  1. Log in to the management console.

  2. Click image1 in the upper left corner of the management console and select a region or project.

  3. Click image2 in the upper left corner and choose Web Application Firewall under Security.

  4. In the navigation pane, choose Website Settings.

  5. In the row containing the target website, click Switch Mode in the Mode column.

  6. In the Switch Mode dialog box, select a working mode and then click OK.

last updated: 2024-11-08 14:20 UTC - commit: 3d7e87e2762d0d183bd2e3d9c35302c29ab1233b