Li, Qiao aea4b89c6e WAF Dedicated User Guide 20231030 version.

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>

2024-10-01 07:48:08 +00:00

1.5 KiB

Raw Permalink Blame History

Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Yes. WAF basic web protection rules can defend against the Apache Struts2 remote code execution vulnerability (CVE-2021-31805).

Follow the procedure below to complete the configuration.

Configuration Procedure

Apply for a dedicated WAF instance.
Add the website domain name to WAF and connect it to WAF. For details, see Connecting a Website to WAF (Dedicated Mode) or Connecting a Website to WAF (ELB Access Mode).
In the Basic Web Protection configuration area, set Mode to Block. For details, see Configuring Basic Protection Rules to Defend Against Common Web Attacks.

Parent topic: About WAF

1.5 KiB Raw Permalink Blame History

Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?

Configuration Procedure

1.5 KiB

Raw Permalink Blame History