How to Use WAF on HI GIO Portal
Last updated
HI GIO User Guide EN
Last updated
This document guides how to use WAF on the HI GIO Portal to protect your virtual services from attacks and proactively prevent threats.
Configure Allowlist Rules for a Virtual Service
Edit the WAF Signatures for a Virtual Service
You can use the allowlist functionality to define match conditions and associated actions for the WAF to perform when processing a request.
Step 1: Log in to the HI GIO portal, select Networking > Edge Gateways > Select Edge Gateway name from the primary left navigation panel.
Step 2: Select Virtual Services > Click the virtual service name on the Load Balancer menu.
Step 3: Select the WAF tab > Allowlist Rules > NEW to create a new rule.
Step 4: Enter the rule name > To activate the rule upon creation, turn on the Active
toggle > Select match criteria > Select an action to apply upon a match > Add.
Client IP Address
Select Is or Is Not to indicate whether to perform an action if the client IP matches or doesn't match the value that you enter.
Enter an IPv4 address, or an IPv6 address, or a range, or a CIDR notation.
(Optional) To add more IP addresses, click Add IP.
HTTP Method
Select Is or Is Not to indicate whether to perform an action if the HTTP method matches or doesn't match the value that you enter.
From the drop-down menu, select one or more HTTP methods.
Path
Enter a path string.
The path doesn't need to begin with a forward slash (/).
(Optional) To add more paths, click Add Path.
Host Header
Select a criterion for the host header.
Enter a value for the header.
Actions
Description
Bypass
The WAF does not execute any further rules and the request is allowed.
Continue
Stops the allowlist execution and proceeds with WAF signature evaluation.
Detection Mode
The WAF evaluates and processes the incoming request, but does not perform a blocking action. A log entry is created when the request is flagged.
