The content of this page has been automatically translated by AI. If you encounter any problems while reading, you can view the corresponding content in Chinese.
Help & Documentation>Web Application Firewall>FAQs>Integration>Real Server

Real Server

Last updated: 2024-11-26 09:55:39

Can the real server IP added to WAF be the private IP of a Tencent Cloud CVM instance?

When adding a domain name to WAF, the real server address must be a domain name or a public IP, such as CVM public IP, CLB public IP, or Egress IP of other local IDCs, while a CVM private IP is not supported.

What is the purpose of an origin IP?

The origin-pulling IP is automatically assigned after configuring the protected domain in a SaaS-type WAF. When WAF forwards traffic to the customer origin server, it will use these origin-pulling IP addresses as the source address. Therefore, users need to set the WAF origin-pulling IP addresses as trusted IPs on the server. To achieve better protection, it is recommended that the origin server only allows access traffic from the WAF origin-pulling IPs.

How many real server IPs can be set for one protected domain name in WAF?

Up to 50 origin server IPs can be set for one protected domain name in WAF.

How does the traffic balancing work when multiple real servers are configured in WAF?

If multiple forwarding IPs are configured, WAF achieves load balancing for access requests by polling.

Does WAF automatically add a forwarding IP range to a security group?

WAF does not automatically add a high-defense forwarding IP range to a security group. Please refer to Getting Started to add the relevant forwarding IP to the security group.
中国站 - English