解除正常访问网站被拦截的误报

<p class="shortdesc">购买Web应用防火墙,并添加站点后,就会对您的网站开启SQL注入、跨站脚本攻击、网页木马上传等攻击的拦截操作,但是不排除出现个别正常请求中包含有攻击特征,被拦截的可能。当网站的正常访问被误拦截时,您可以找到发出本次误拦截的策略ID,再关闭该站点的策略ID,即可解除正常访问网站被拦截的误报。</p> <p class="p"><strong class="ph b">防护措施</strong></p> <section class="section" id="bestpractices_0004__section_ovw_c5z_3mb"><h2 class="doc-tairway">获取策略ID</h2> <ol class="ol" id="bestpractices_0004__ol_y3p_ptz_3mb"> <li class="li">登录<a class="xref" href="/console/pwaf" target="_blank">Web应用防火墙Waf控制台</a>。</li> <li class="li">在<span class="keyword wintitle">概览</span>页面<span class="keyword wintitle">资源状态</span>区域,单击<span class="ph uicontrol">管理</span>。</li> <li class="li">在网站安全防护系统左侧导航栏中,单击<span class="ph menucascade"><span class="ph uicontrol">安全运营</span><abbr> > </abbr><span class="ph uicontrol">日志查询</span></span>。</li> <li class="li">选择<span class="keyword wintitle">攻击日志</span>页签,在<span class="ph uicontrol">查询条件</span>区域,输入攻击域名、客户端IP、攻击时间范围,单击<span class="ph uicontrol">搜索</span>。</li> <li class="li">在<span class="keyword wintitle">日志列表</span>区域,找到目标攻击信息,单击操作列的<span class="ph uicontrol">详情</span>。</li> <li class="li">在<span class="keyword wintitle">日志详情</span>页面,即可查看到策略ID。<img class="image" id="bestpractices_0004__image_tsd_zvz_3mb" src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20203112110411-13b6c8129dd8.jpg" width="830"><div class="note note note_note"><span class="note__title">说明:</span> 规则ID即为策略ID。</div></li> </ol> </section> <section class="section" id="bestpractices_0004__section_j1g_hyz_3mb"><h2 class="doc-tairway">禁用策略ID</h2> <div class="p"> <ol class="ol" id="bestpractices_0004__ol_eff_jyz_3mb"> <li class="li">在网站安全防护系统左侧导航栏中,单击<span class="ph menucascade"><span class="ph uicontrol">安全运营</span><abbr> > </abbr><span class="ph uicontrol">防护策略</span></span>。</li> <li class="li">在页面右上角输入策略ID,单击搜索图标。</li> <li class="li">页面中出现目标策略信息,在目标策略ID操作列单击<span class="ph uicontrol">禁用</span><img class="image" id="bestpractices_0004__image_g3s_fww_mmb" src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20203112110411-180b09899db2.jpg" width="830">。<p class="p">防护策略配置说明如下:</p><table class="table" id="bestpractices_0004__table_cg5_4d1_jmb"><caption></caption><colgroup><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="bestpractices_0004__table_cg5_4d1_jmb__entry__1">配置项</th> <th class="entry" id="bestpractices_0004__table_cg5_4d1_jmb__entry__2">说明</th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__1 "> <p class="p">策略ID</p> </td> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__2 "> <p class="p">指规则的ID号。</p> </td> </tr> <tr class="row"> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__1 "> <p class="p">策略名称</p> </td> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__2 "> <p class="p">指规则的名称。</p> </td> </tr> <tr class="row"> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__1 "> <p class="p">策略描述</p> </td> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__2 "> <p class="p">指规则的详细描述。</p> </td> </tr> <tr class="row"> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__1 "> <p class="p">状态</p> </td> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__2 "> <p class="p">指规则的策略状态,默认为启用。</p> <p class="p">禁止分为以下两种状态:</p> <ul class="ul" id="bestpractices_0004__ul_yqn_vd1_jmb"> <li class="li">禁用:全局禁用,指规则全局失效。</li> <li class="li">局部禁用:站点级禁用或url级禁用,指规则某些站点范围失效。</li> </ul> <p class="p">检测分为以下两种状态:</p> <ul class="ul" id="bestpractices_0004__ul_adp_yd1_jmb"> <li class="li">检测:全局检测,指规则全局检测。</li> <li class="li">局部检测:站点级检测或url级检测,指规则某些站点范围检测。</li> </ul> </td> </tr> <tr class="row"> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__1 "> <p class="p">威胁级别</p> </td> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__2 "> <p class="p">指规则的威胁等级,分为高、中、低三级。</p> </td> </tr> <tr class="row"> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__1 "> <p class="p">操作</p> </td> <td class="entry" headers="bestpractices_0004__table_cg5_4d1_jmb__entry__2 "> <div class="p">有禁用和检测两种操作:<ul class="ul" id="bestpractices_0004__ul_dgk_421_jmb"> <li class="li">禁用:支持对站点级和url级禁用防护策略。<p class="p">站点级:勾选站点,点击增加或删除配置实现策略对站点的开启和禁用;</p><p class="p">搜索站点,选择后鼠标移至站点,在输入框内输入URL,可输入多个,以换行分隔,点击确认生效。</p></li> <li class="li">检测:支持对站点级和url级开启防护策略,配置方法同禁用。</li> </ul></div> </td> </tr> </tbody></table></li> <li class="li">在<span class="keyword wintitle">策略配置-禁用</span>页面,<ul class="ul" id="bestpractices_0004__ul_rzw_mc1_jmb"> <li class="li">若是进行站点级配置,勾选目标站点单击<span class="ph menucascade"><span class="ph uicontrol">添加配置</span><abbr> > </abbr><span class="ph uicontrol">确定</span></span>。<img class="image" id="bestpractices_0004__image_yd2_4c1_jmb" src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20203112110411-19bc699f9e17.jpg" width="830"></li> <li class="li">若为URL级配置,输入URL参数,单击<span class="ph uicontrol">确认</span>。<img class="image" id="bestpractices_0004__image_igt_wc1_jmb" src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20203112110411-1adb19479f57.jpg" width="830"></li> </ul></li> </ol> </div> </section>
以上内容是否解决了您的问题?
请补全提交信息!
咨询·建议

电话咨询 - 7x24 小时

400-151-8800

邮件咨询

cloud@pingan.com

在线客服

7x24 小时,急速解答

工单支持

解决云产品相关技术问题