How to use aaWAF
This tutorial skips the construction of the source website. By default, your website can be accessed normally before using aaWAF.
Before using aaWAF
Website architecture before using aaWAF:
Users access the website server directly
As shown in the figure: User --> Website server
Website domain and A record information:
- website domain:
156.kern123.tk
- website domain A record ip:192.168.66.152
After using aaWAF
Website architecture after using aaWAF:
User access aaWAF and then forwarded to website server
Add a new server ip:192.168.66.156
As shown in the figure: User --> aaWAF --> Website server
- Protect website and website domain:
156.kern123.tk
- aaWAF, Protect website A record IP:192.168.66.156
- Website server ip (Source address):192.168.66.152
Install aaWAF
aaWAF install tutorial:install aaWAF
I’ll skip the install here.
After the install is complete, login aaWAF and add protected website
Add protected website
Website --> Add Website
- Protected domain:
156.kern123.tk
- Source address:192.168.66.152
- The website of the website server does not have an ssl certificate setup, so use http
- It can be used if an SSL certificate is setup
https
- If the website uses Forced HTTPS, please use
https
and deploy an SSL certificate, otherwise it will prompt you with too many redirects.
Tip: Enter according to your actual situation, Check domain may not be accurate
Add protected website is complete
Modify A record IP of the website domain name to IP of the aaWAF server. Please go to the domain name vendor modify the A record.
Modify from 192.168.66.152 to 192.168.66.156
Tip: Modify domain A record will take 1 to 10 minutes (or more) to take effect.
From 192.168.66.152
Modify to 192.168.66.156
How check whether A record is valid:
For Windows systems, can use Win+R or click the "Start" button in the lower left corner open the "Start" menu, open "Run", enter cmd
and press Enter.
At the command prompt enter nslookup domain
Test aaWAF
After A record of domain takes effect
Test whether aaWAF is used successfully
Browser accesses domain
Use browser access website domain name:
http://156.kern123.tk
Successfully accessed the website:
View access data from aaWAF
Overview
Requests today、Malicious requests increased by 1
Website --> 156.kern123.tk
Today Requests/Block increased by 1
Tutorial summary
Increase:
- Add server install aaWAF
- Add protected website in aaWAF
Modify:
- Modify A record IP of the website domain to aaWAF IP
Unchanged:
- Website server configuration remains unchanged
- Domain name the user visits remains unchanged
If cannot solve it or have problems during use, please Start a Discussion in the forum.