How do I use WAF together with CDN or Anti-DDoS Pro services?
You can use WAF with Anti-DDoS Pro directly, or use it with CDN by setting the CDN origin server IP as the IP of a WAF instance. Recommended deployment architecture: Client > CDN > WAF + Anti-DDoS Pro > CLB > Origin Server.
If you need the CDN and Anti-DDoS capabilities, simply set the CNAME provided after the connection to WAF as the CDN origin server, and associate Anti-DDoS Pro with the WAF instance. In this way, the user traffic, after going through CDN, is forwarded to WAF, which has the capability of cleansing high-traffic DDoS attacks, and finally reaches the real server for full protection.
How do I connect a CDN domain name to WAF?
If the CDN domain name is already connected, simply set the CNAME address assigned by WAF as the CDN origin server. The traffic will flow according to the architecture of user > CDN > WAF > CLB > origin server. Additionally, you can log in to the WAF console, navigate to the Add Domain Name page, and select 'Yes' for the proxy option. WAF will then use the XFF field in the HTTP header to obtain the client's real IP, ensuring proper protection.
