Alibaba Cloud Web Application Firewall (WAF)
A web application firewall that protects web applications from various types of attacks, including SQL injections, XSS, and HTTP flood attacks.
Field | Details |
---|---|
Category | Threat Detection & Response |
This page updated | 22 days ago |
Pricing Details | Billing based on queries per second (QPS) with pay-as-you-go and resource plans available. |
Target Audience | Businesses and organizations looking to secure their web applications from various online threats. |

Alibaba Cloud Web Application Firewall (WAF) is designed to protect web applications from various types of attacks, including SQL injections, XSS, webshell uploads, and HTTP flood attacks. Here’s a technical overview of its architecture and operational considerations:
Alibaba Cloud WAF leverages intelligent computing capabilities and AI-based deep learning to provide multi-dimensional dynamic protection. It supports both cloud and hybrid cloud deployments, allowing protection clusters to be deployed in data centers as well as in the cloud. This flexibility enables protection for services across public clouds, hybrid clouds, and on-premises data centers. The WAF integrates with other Alibaba Cloud services such as Server Load Balancer (SLB), Content Delivery Network (CDN), and Elastic Compute Service (ECS), making it easy to redirect traffic to the WAF for protection.
The WAF can be configured in CNAME record mode or transparent proxy mode, depending on the deployment scenario. In CNAME record mode, DNS records need to be updated to forward traffic to the WAF, while transparent proxy mode does not require DNS changes and is based on cloud-native technologies. The WAF supports various protection rules, including custom rules, IP address blacklists, region blacklists, and HTTP flood protection rules. It also offers features like virtual patching to protect against new vulnerabilities before patches are released.
Alibaba Cloud WAF supports multiple editions, including Pro, Business, Enterprise, and Exclusive, each with different feature sets and scalability. For example, the Enterprise edition supports custom ports, IPv6 traffic protection, and deployment of origin servers on multiple nodes for disaster recovery. The billing model is based on queries per second (QPS) for WAF 3.0, with a burstable QPS feature to handle sudden traffic spikes. Resource plans and pay-as-you-go models are available to manage costs effectively.
The WAF monitors and filters HTTP and HTTPS traffic, providing real-time protection against various web attacks. It supports HTTP/2 and custom ports other than standard ports like 80, 8080, 443, and 8443. Bills are generated daily for pay-as-you-go instances and hourly for some features, and billing stops automatically when configurations are deleted or features are disabled.
In summary, Alibaba Cloud WAF offers robust web application security through its advanced architecture, flexible deployment options, and comprehensive protection features, making it a reliable choice for securing web applications in diverse environments. However, it requires careful configuration and management to fully leverage its capabilities and manage costs efficiently.