NSFOCUS WAF secures data transmission by restricting domain names, URLs, and request methods, and it can improve transmission security by converting ordinary HTTP requests into HTTPS requests forcibly.
Configure HTTP and HTTPS sites and ensure that both HTTP and HTTPS sites can be accessed.
Step 1: Click Security Management > Website Protection > Website Group > Secure Data Transfer, and click the Create button in the upper right corner of the table.
Step 2: Edit the policy
- Policy Name: User-defined
- Domain Name: Be consistent with the virtual website domain name
- Alert or Not: Choose Yes or No
- Included URL: Fill in it according to the business scenario or * means all URL
- Excluded URL: Fill in it according to the business scenario
- Method: Fill in it according to the business scenario
- Action: Block, Accept or Redirection
- If you choose to redirection, the optional redirection paths include Custom, Current URL HTTPS, and Previous page.
- The Current URL HTTPS Port needs to be the same as the HTTPS port of the currently protected site.
Protection logs can be viewed at Logs & Reports > Security Protection Logs > Web Security Logs