Adding a Reference Table

This topic describes how to create a reference table to batch configure protection metrics of a single type, such as Path, User Agent, IP, Params, Cookie, Referer, and Header. A reference table can be referenced by CC attack protection rules and precise protection rules.

New reference tables will be synchronized to CC attack protection rules and precise protection rules. When you configure a CC attack protection rule or precise protection rule, if the Logic field in the Trigger list is set to Include any value, Exclude any value, Equal to any value, Not equal to any value, Prefix is any value, Prefix is not any value, Suffix is any value, or Suffix is not any value, you can select an appropriate reference table from the Content drop-down list.

If you have enabled enterprise projects, ensure that you have all operation permissions for the project where your WAF instance locates. Then, you can select the project from the Enterprise Project drop-down list and configure protection policies for the domain names in the project.

Prerequisites

A website has been added to WAF.

Application Scenarios

You can use a reference table when you configure protection fields in batches for CC attack protection rules and precise access protection rules.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner and choose Web Application Firewall (Dedicated) under Security.
  4. In the navigation pane on the left, choose Website Settings.
  5. In the Policy column of the row containing the target website, click the number to go to the policy configuration page.
  6. In the CC Attack Protection or Precise Protection area, click Customize Rule.
  7. Click Reference Table Management in the upper left corner of the list.

    Figure 1 Reference Table Management

  8. On the Reference Table Management page, click Add Reference Table.

    Figure 2 Add Reference Table

  9. In the Add Reference Table dialog box, specify the parameters by referring to Table 1.

    Figure 3 Adding a reference table
    Table 1 Parameter description

    Parameter

    Description

    Example Value

    Name

    Table name you entered

    test

    Type
    • Path: A URL to be protected, excluding a domain name
    • User Agent: A user agent of the scanner to be protected
    • IP: An IP address of the visitor to be protected.
    • Params: A request parameter to be protected
    • Cookie: A small piece of data to identify web visitors
    • Referer: A user-defined request resource

      For example, if the protected path is /admin/xxx and you do not want visitors to be able to access it from www.test.com, set Value to http://www.test.com.

    • Header: A user-defined HTTP header

    Path

    Value

    Value of the corresponding Type. Wildcards are not allowed.

    NOTE:

    Click Add to add more than one value.

    /buy/phone/

  10. Click Confirm. You can then view the added reference table in the reference table list.

Other Operations

Parent topic: Rule Configuration