Deploy WAAS for serverless functions

Create a WAAS rule for serverless

When Serverless Defender is embedded in a function, it offers built-in web application firewall (WAF) capabilities, including protection against:
  • SQL injection (SQLi) attacks
  • Cross-site scripting (XSS) attacks
  • Command injection (CMDi) attacks
  • Local file system inclusion (LFI) attacks
  • Code injection attacks
Some protections are not available for WAAS serverless deployment.
Prerequisites:
You already embedded Serverless Defender into your function.
  1. Open Console and go to
    Defend > WAAS > Serverless
    .
  2. Click
    Add rule
    .
  3. Enter a rule name.
  4. Choose the rule
    Scope
    by specifying the resource collection(s) to which it applies.
    Collections define a combination of functions to which WAAS should attach itself to protect the web application:
    Use pattern matching to precisely target your rule.
  5. Select the protections to enable.
  6. Select
    Alert
    or
    Prevent
    .
  7. If necessary, adjust the
    Proxy timeout
    The maximum duration in seconds for reading the entire request, including the body. A 500 error response is returned if a request is not read within the timeout period. For applications dealing with large files, adjusting the proxy timeout is necessary.

Recommended For You