防护策略配置

<p class="shortdesc">本章介绍如何对已接入的资产进行防护策略配置。 </p> <section class="section prereq" id="policy__prereq_uqt_rj4_nrb"><div class="tasklabel"><h2 class="doc-tairway">前提条件</h2></div> <p class="p">您已购买Web应用防火墙服务,并且完成资产接入。</p> </section> <section class="section context" id="policy__context_t4v_qkp_vrb"><div class="tasklabel"><h2 class="doc-tairway">背景信息</h2></div> <p class="p">每条防护策略默认对所有资产生效,如果希望某个资产不启用某一条策略,可以单击该策略后面的<span class="ph uicontrol">禁用</span>,在禁用配置页面勾选站点并新增配置,系统不再使用这条策略对站点进行防护。</p> <p class="p">对某条策略选择检测时,当访问站点的流量匹配该策略时,WAF会 放行流量,只记录日志。</p> </section> <section><div class="tasklabel"><h2 class="doc-tairway">操作步骤</h2></div><ol class="ol steps"><li class="li step stepexpand"> <span class="ph cmd">登录<a class="xref" href="https://pinganyun.com/" target="_blank" rel="external noopener">平安云官网</a>。</span> </li><li class="li step stepexpand"> <span class="ph cmd">单击页面右上角<span class="ph uicontrol">控制台</span>按钮。</span> </li><li class="li step stepexpand"> <span class="ph cmd">输入账号名和密码,通过验证,单击<span class="ph uicontrol">确定</span>,登录控制台。</span> </li><li class="li step stepexpand"> <span class="ph cmd">在左侧导航栏中单击<span class="ph menucascade"><span class="ph uicontrol">全部产品</span><abbr> > </abbr><span class="ph uicontrol">Web应用防火墙</span></span> ,进入<span class="keyword wintitle">概览</span>页面。</span> </li><li class="li step stepexpand"> <span class="ph cmd">单击<span class="ph uicontrol">管理</span>跳转到<span class="keyword wintitle">防护概览</span>页面,单击左侧导航栏<span class="ph menucascade"><span class="ph uicontrol">防护配置</span><abbr> > </abbr><span class="ph uicontrol">防护策略配置</span></span>,进入<span class="keyword wintitle">防护策略配置</span>页面。</span> </li><li class="li step stepexpand"> <span class="ph cmd">根据需要选择匹配模式,系统支持以下两种模式:</span> <div class="itemgroup info"> <ul class="ul" id="policy__ul_fqg_hnp_vrb"> <li class="li">极速模式:启用后,WAF对站点上静态资源的访问流量不进行安全检测,可以提高转发效率,从而提升访问速度,适用于对安全要求不高的场景。</li> <li class="li">极速模式:系统对资产上所有资源的访问流量都进行安全检测。</li> </ul> </div> </li><li class="li step stepexpand"> <span class="ph cmd">在右上角选择威胁等级或输入站点域名、策略名称/ID,单击<span class="ph uicontrol">搜索</span>可以对指定策略进行配置。</span> <div class="itemgroup info"> <img class="image" id="policy__image_q12_g2m_rrb" src="https://pcp-portal-sca.obs-cn-shenzhen.pinganyun.com/pcp-portal-sca/20231704193310-1c49ec9f981a.png" width="830"> </div> </li><li class="li step stepexpand"> <span class="ph cmd">选择目标策略,单击<span class="ph uicontrol">禁用</span>进入<span class="keyword wintitle">策略配置-禁用</span>页面。</span> <div class="itemgroup info"> <img class="image" id="policy__image_kpb_42m_rrb" src="https://pcp-portal-sca.obs-cn-shenzhen.pinganyun.com/pcp-portal-sca/20231704193310-1141ca959a23.png" width="700"> <p class="p">根据实际需求选择基于<strong class="ph b">站点级</strong>或<strong class="ph b">URL级</strong>禁用:</p> <ul class="ul" id="policy__ul_fjx_v2m_rrb"> <li class="li">站点级禁用:搜索找到目标站点,选中并单击<span class="ph uicontrol">增加配置</span>,那么这条策略对选中的站点不再生效。<img class="image" id="policy__image_snm_jfm_rrb" src="https://pcp-portal-sca.obs-cn-shenzhen.pinganyun.com/pcp-portal-sca/20231704193310-14b784dd9bd5.png" width="650"></li> <li class="li">URL级禁用:先输入站点域名,再输入具体URL,然后单击<span class="ph uicontrol">确认</span>,则此条策略对于该URL不再生效。<img class="image" id="policy__image_jc4_5fm_rrb" src="https://pcp-portal-sca.obs-cn-shenzhen.pinganyun.com/pcp-portal-sca/20231704193310-1c9f3560943b.png" width="650"></li> </ul> </div> <div class="itemgroup info"> <div class="note note note_note" id="policy__note_atp_zfm_rrb"><span class="note__title">说明:</span> <ul class="ul" id="policy__ul_j3q_bgm_rrb"> <li class="li">检测与禁用的配置方法一致。</li> <li class="li">如果某单条策略针对同一个站点既开启了站点级禁用,又开启了站点级检测,那么最终该站点的对应策略是禁用状态。</li> <li class="li">如果某策略针对一个站点,开启了站点级禁用的同时,又开启了URL级检测,最终该站点的对应策略是禁用状态。</li> </ul> </div> </div> </li></ol></section>
以上内容是否解决了您的问题?
请补全提交信息!
咨询·建议

电话咨询

400-151-8800

邮件咨询

cloud@pingan.com

在线客服

工单支持

解决云产品相关技术问题