The WEB Firewall Self-Service provides guides to create and operate WEB Firewall instances for the protection of web servers. This document shows how to use the WEB Firewall Self-Service.
To enable WEB Firewall, login to NHN Cloud Console and click Security > WEB Firewall on the service list.
※ Prices are charged immediately after an instance is created.
Select and delete WEB Firewall instances.
※ Since traffic goes through WEB Firewall , while it is configured, deleting an instance during service may cause service failure. ※ Check if your web service is in service before deleting an instance.
※ Security groups are set as below for reliable IPs and ports, like below.
Direction | IP Protocol | Port Range | Remote | Description |
---|---|---|---|---|
Ingress | TCP | 80 (HTTP) | 0.0.0.0/0 (CIDR) | Web service port |
Ingress | TCP | 443 (HTTPS) | 0.0.0.0/0 (CIDR) | Web service port |
Ingress | TCP | 8443 | x.x.x.x/32 (CIDR) | WEB Firewall management port (allows manager IP only) |
Ingress | TCP | 22 (SSH) | x.x.x.x/32 (CIDR) | WEB Firewall terminal port (allows manger IP only) |
Ingress | ICMP | - | 192.168.0.0/24 (CIDR) | Health check communication between WEB Firewall and web servers |
※ Health checks for WEB Firewall are based on ICMP, and if health check fails for web servers, the web service does not operate.
Follow the guide for WEB Firewall initial setting, including the following:
Guide for WEBFRONT-KS Initial Settings * After initial setting is completed, change your DNS setting to WEB Firewall floating IP, to lead the domain traffic you need to protect to go through WEB Traffic. * The PLOS of the web firewall must be updated to the latest version as specified in the release note provided by the manufacturer. * To download release note: Access firewall > SYSTEM > General Settings > Manage PLOS > Download PLOS > Download.
Read through the WEB Firewall configuration description to run equipment, including the following:
Description of WEBFRONT-KS Application Configuration Description of WEBFRONT-KS System Configuration
※ Self-Service provides User Guides only, while Managed Service supports with operations and around-the-clock security surveillance service.