Web Application Firewall

Web Application Firewall is an application security protection product that conducts security and compliance protection for website or APP service. It Identifies and processes malicious traffic through malicious feature extraction and big data behavior analysis to improve the security and reliability of Web site and protect the core business and data security of the website.

Buy Now


AI+ Behavior Analysis and Detection
On the basis of OWASP TOP 10 defense, the AI defense capability is introduced to improve the detection rate of vulnerabilities, reduce the false alarm rate of security incidents and respond quickly to security threats.
Multi-package Purchase
A user can purchase a variety of WAF package types. Each package report and security protection rules are independent, which can meet the requirements of data management and security customization, and respond quickly to personalized customization requirements.
Security Visualization
By default, the detailed report analysis, full log search and alarm function are provided to have a comprehensive understanding of service bandwidth usage and business security for rapid decision-making and handling of security issues.
High-reliability and High-availability Service
Business reliability is automatically monitored at backend for dynamic scheduling, so as to provide high-reliability and high-availability WAF protection services.
Opening-up of Security Capability
By fully opening up the security capability of customized rules and introducing semantics analysis engine, users can customize security protection policies by means of regular or character string to meet personalized defense needs.


Web Attack Protection

OWASP TOP 10 Threat Protection

Effectively defense OWASP TOP 10 attacks such as SQL injection, XSS attack, command/code execution, file include, webshell upload, path traversal and malicious scan. Professional attack-defense team will follow up 0day vulnerability 7*24 hours, analyze vulnerability principle and develop security protection policies for timely protection.

AI Detection and Behavior Analysis

Through the study and training of JD's accumulated massive logs, a variety of Web security protection models are output to conduct intelligent analysis of the multi-factor of the user's multi-request, so as to effectively improve detection rate and reduce false alarm rate. Identify the source of malicious attacks through the information island, behavior detection and analysis to protect the security of the website.

Intelligent Semantics Analysis Engine

Provide intelligent semantics analysis function to enhance SQL injection and XXS attack detection capabilities based on vulnerability defense.

CC Attack Protection

Intelligent Defense Policy

Provide the intelligent CC defense mode; analyze behavior features through AI and generate customized CC protection rules based on different business type and different server processing performance. At the same time, share attack source intelligence data according to JD Cloud whole network big data analysis ability to improve protection efficiency.

Multiple Defense Policy

Support rate-limiting model. You can develop defensive rules based on the business processing capabilities of the website or the QPS access source IP, to make effective man-machine identification for all requests exceeding the threshold, and directly block the garbage flow.

Customized Policy Customization

You can protect particular pages or interfaces according to needs, and a second-level, minute-level defense setting may be performed.

Compliance Assurance

Customized Protection Rules

HTTP protocol fields can be combined by the user to develop Identity and Access Management rules. Support setting filter criteria for region, request header and request content; support regular syntax.

Access Log Audit

Record access logs of all users; perform TOP N to access sources to provide trend analysis. The log download function can be provided as needed.

Webpage Tamper-proofing

The mandatory static cache locking and update mechanism is used for protecting specific web pages. Even though relevant web page of origin server is tampered, the cache page can be returned to the user.

Data Leakage Prevention

Process response packet; carry out identification and filtering of response content and response; set up data leakage prevention rules according to the need to protect the website data security.

HTTP Traffic Management

HTTP traffic management is supported

The Source IP or the characteristic interface access rate can be set to queue the over-rate access so as to reduce the pressure of the server.

Request Header Management

Request headers and response headers can be processed according to business needs; request header replacement or sensitive information hiding settings can be performed.

Security Visualization

Four Security Analysis Reports

By default, Web security attack reports, CC attack protection reports, user access statistics reports and customized rule hit reports are provided to meet business reporting and trend analysis requirements.

Full Log Processing

Full log search and download function are provided. You can obtain real-time log or offline log information through OpenAPI interface.

Real-time Data statistics

Bandwidth statistical information based on mean and peak values is provided; an attack bandwidth and a normal proportion are provided to focus on the business situation at any time. Provides a wide range of components to understand Workload Monitoring and change of core indicators.


Website Service

Launch a lot of vicious requests during website attack or cracker racketeering, occupy and consume core resources of the server for a long time, cause server failure (such as CPU, memory and bandwidth), and lead to slow response of website business or a failure to provide normal services.