Web Application Firewall (Legacy)
This article explains the legacy version of WAF that will undergo end-of-life on June 30, 2021. Our new version of WAF expands upon all of the capabilities offered by WAF and Rate Limiting with a simplified and centralized setup. Please upgrade to the latest version of WAF at your earliest convenience.
This feature requires the Web Application Firewall platform which must be purchased separately. Contact your CDN account manager to activate it.
Category: WAF
Purpose: Allows Web Application Firewall to screen requests.
A Web Application Firewall instance must be defined for this feature. The selected instance determines how traffic will be screened and whether unwanted traffic will be blocked or simply generate alerts.
Default Behavior: Disabled
Best Practices
It is strongly discouraged to perform either of the following actions:
- Delete a WAF instance while it is associated with this feature.
- Delete a WAF profile assigned to a WAF instance associated with this feature.
The proper way to apply a new WAF instance or profile is described below.
To apply a new WAF instance
- Create the desired WAF instance.
- Create a draft from the policy deployed to the Production environment.
- Assign the new WAF instance to this feature.
- Lock the draft and deploy it to the Production environment.
- Optional. Delete the old version of the WAF instance.
To apply a new WAF profile
- Create the desired WAF profile.
- Update the WAF instance associated with this feature to use the new WAF profile.
- Optional. Delete the old version of the WAF profile.