# How to Use WAF on HI GIO Portal ## **Overview** *This document guides how to use WAF on the HI GIO Portal to protect your virtual services from attacks and proactively prevent threats.* 1. *Configure Allowlist Rules for a Virtual Service* 2. *Edit the WAF Signatures for a Virtual Service* ## **Procedure** {% tabs %} {% tab title="I. Configure Allowlist Rules for a Virtual Service" %} {% hint style="info" %} You can use the allowlist functionality to define match conditions and associated actions for the WAF to perform when processing a request. {% endhint %} **Step 1:** Log in to the HI GIO portal, select **Networking** > **Edge Gateways** > Select Edge Gateway name from the primary left navigation panel.

**Step** **2:** Select **Virtual Services** > Click the virtual service name on the Load Balancer menu.

**Step** **3:** Select the **WAF** tab > **Allowlist Rules** > **NEW** to create a new rule.

**Step** **4:** Enter the rule name > To activate the rule upon creation, turn on the **Active** toggle > Select match criteria > Select an action to apply upon a match > **Add**.

| Match Criteria | Description | | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Client IP Address |

Select Is or Is Not to indicate whether to perform an action if the client IP matches or doesn't match the value that you enter.
Enter an IPv4 address, or an IPv6 address, or a range, or a CIDR notation.
(Optional) To add more IP addresses, click Add IP.

| | HTTP Method |

Select Is or Is Not to indicate whether to perform an action if the HTTP method matches or doesn't match the value that you enter.
From the drop-down menu, select one or more HTTP methods.

| | Path |

Enter a path string.

The path doesn't need to begin with a forward slash (/).

(Optional) To add more paths, click Add Path.

| | Host Header |

Select a criterion for the host header.
Enter a value for the header.

| | **Actions** | **Description** | | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | | Bypass | The WAF does not execute any further rules and the request is allowed. | | Continue | Stops the allowlist execution and proceeds with WAF signature evaluation. | | Detection Mode | The WAF evaluates and processes the incoming request, but does not perform a blocking action. A log entry is created when the request is flagged. | | {% endtab %} | | {% tab title="II. Edit the WAF Signatures for a Virtual Service" %} You can edit the WAF signatures for a virtual service - you can change a signature mode from Detection to Enforcement or the reverse, or, if necessary, deactivate a signature or a signature group. **Step** **1:** In the **WAF** tab, under the **General** section > click **EDIT** to edit the WAF configuration

**Step** **2:** Edit WAF general settings

| **Settings** | | | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | WAF State | Active/Deactive | | Mode |

Detection: In this mode, WAF policy will evaluate the incoming request. A log entry is created when this request is flagged.
Enforcement: In this mode, WAF policy will evaluate and block the request based on the specified rules.

| **Step 3:** In the WAF tab, under **the Signature Groups section, you can see the signature groups** included in your WAF policy. You can see if they are actively in use or not. You can also see the number of active rules in each group and the number of rules that have been overridden manually.

**Step 4:** Under **Signature Groups**, click the expand button on the left of the signature group you want to edit.

**Step 5:** To edit the signatures of a group, click **Edit Signatures** and select an action > **SAVE**.

{% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.higiocloud.vn/network/3.-load-balancer/how-to-use-waf-on-hi-gio-portal.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.