Professional Documents
Culture Documents
Technical Editing Test: Basic Information
Technical Editing Test: Basic Information
Company:
Date:
Article 1
What is Alibaba Cloud WAF?
Alibaba Cloud WAF is a web application firewall that monitors, filters, and blocks HTTP traffic to and from
web applications. Based on the big data capacity of Alibaba Cloud Security, Alibaba Cloud WAF helps
you to defend against common web attacks such as SQL injections, Cross-site scripting (XSS), web
shell, Trojan, and unauthorized access, and to filter out massive HTTP flood requests. It protects your
web resources from being exposed and guarantees your website security and availability.
Alibaba Cloud WAF is easy to deploy. Users can enable WAF protection for their website by subscribing
to Alibaba Cloud WAF, configuring the website on the WAF console, and updating the website's DNS
records using the WAF. When WAF is deployed on your website, all network traffic to the website is
inspected by WAF. WAF identifies and filters out hacker traffic, and only returns valid traffic to the origin
server.
After a WAF IP address is thrown into the blackhole, all traffic that flows through WAF (normal access or
attack) is blocked. During the blackhole period, you cannot access any domain names protected by the
WAF instance.
Note If a site is thrown into a blackhole, it can be recovered only after the blackhole period ends. The
default blackhole period lasts 150 minutes. The WAF blackhole threshold is the same as the default
threshold of the region where the ECS instance is located.
Note The best solution to traffic-heavy DDoS attacks is to use Anti-DDoS Pro to protect your domain
names.
The blackhole is a service that Alibaba Cloud purchases from the operator who imposes strict
restrictions on the time and frequency to trigger a blackhole. Therefore, you cannot manually
deactivate the blackhole, rather you have to patiently wait for the system to automatically free the
server.
In fact, even if the blackhole is deactivated immediately, it gets triggered again if WAF is still under
heavy-traffic DDoS attack.
How do I know the specific domain name that is under attack when WAF is configured with
multiple domain names?
Generally, the hacker resolves a WAF protected domain name to obtain the WAF instance’s IP
address, and then starts the DDoS attack against this IP address. Heavy-traffic DDoS attacks are
targeting at a WAF IP address. We cannot figure out the domain name that is under attack, based
on the traffic.
However, you can use the domain name split method to find out the domain name that is under
attack. For example, you can resolve some of the domain names to WAF, and the rest to some other
places (ECS origin, CDN, or SLB). If the WAF is no longer in the blackhole, it means that the
hacker’s target lies in the domain names that are resolved to other places. However, this operation
is relatively complex and may expose the origin and other assets, which may lead to a greater
security issue. Unless necessary, do not use this method to find the domain name that is under
attack.
Can you help change the WAF IP address so that my WAF is not thrown into the blackhole?
Changing the WAF IP address does not resolve the problem. A hacker can obtain your new IP
address by pinging your domain name and can start another DDoS attack. So, changing your IP
address will not be of much help.
Is there any difference between a DDoS attack and an HTTP flood attack? Why cannot WAF
defend against HTTP flood attacks?
Heavy-traffic DDoS attacks are layer 4 attacks against IP addresses; while HTTP flood attacks are
layer 7 attacks (for example, HTTP GET/POST Flood). Layer 4 attacks generate huge amounts of
volumes of traffic occupy all "inlets" to an end-resource, blocking normal requests. Layer 7 attacks
send large amounts of packets and requests to the victim, which consumes resources of
intermediate resources.
WAF can defend against DDoS attacks. However, WAF cannot defend against , it requires sufficient
bandwidth resources to take over all traffic to perform the traffic cleaning. Therefore, you can only count
on protection from Anti-DDoS Pro.
Article 2
Apply the screen protector using a self-control jig to ensure it is applied properly without bubbles.
Sharpen a Mitsubishi pencil to expose a 5 mm cylindrical lead, and rub it on a 400-grit sandpaper before
installing it on a purpose-built pencil hardness tester. Slide the pencil forward for about 5 mm at a
constant speed. Do the same in three different positions. Remove the traces with an eraser, and check if
the hardened layer on the surface of the screen protector is damaged.
The optical sensor is hidden at the center on the top of the screen, and the infrared sensor is between
the front dual cameras. Do not stain the above sensor areas or use a screen protector with low light
transmittance. If you apply a self-purchased screen protector to your phone and the phone prompts that
the infrared sensor is blocked or the screen does not wake up for incoming calls, you need to cut the
screen protector to expose the sensor areas.