- Release Notes and Announcements
- Release Notes
- Product Announcement
- Security Advisory
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)
- Notice for WebLogic Console HTTP RCE Vulnerability
- Notice for Exchange Server Command Execution Vulnerability
- Notice for Yonyou GRP-U8 SQL Injection Vulnerability
- Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)
- Notice for WordPress File Manager Arbitrary Code Execution Vulnerability
- Jenkins Security Advisory for September
- Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
- Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Practical Tutorial
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Asset Management APIs
- Billing APIs
- Protection Settings APIs
- AddAntiFakeUrl
- AddAntiInfoLeakRules
- DeleteAntiFakeUrl
- DeleteSession
- DescribeAntiFakeRules
- DescribeAntiInfoLeakageRules
- DescribeCCRule
- DescribeCCRuleList
- DescribeCustomRuleList
- DescribeCustomWhiteRule
- DescribeDomainVerifyResult
- DescribeModuleStatus
- DescribeObjects
- DescribeRuleLimit
- DescribeSession
- DescribeSpartaProtectionInfo
- DescribeUserLevel
- ModifyAntiFakeUrl
- ModifyAntiInfoLeakRuleStatus
- ModifyAntiInfoLeakRules
- ModifyCustomRule
- ModifyCustomRuleStatus
- ModifyCustomWhiteRule
- ModifyCustomWhiteRuleStatus
- ModifyModuleStatus
- ModifyObject
- ModifyProtectionStatus
- ModifySpartaProtectionMode
- ModifyUserLevel
- ModifyUserSignatureRule
- SwitchElasticMode
- Other APIs
- AddCustomWhiteRule
- DeleteAntiInfoLeakRule
- DeleteCCRule
- DeleteCustomRule
- DeleteCustomWhiteRule
- DescribeDomainCountInfo
- DescribeFindDomainList
- DescribeHost
- DescribeHostLimit
- DescribeHosts
- DescribeInstances
- DescribeUserDomainInfo
- DescribeWebshellStatus
- FreshAntiFakeUrl
- ModifyAntiFakeUrlStatus
- ModifyBotStatus
- ModifyDomainsCLSStatus
- ModifyHostMode
- ModifyHostStatus
- ModifyInstanceElasticMode
- ModifyInstanceName
- ModifyInstanceQpsLimit
- ModifyInstanceRenewFlag
- ModifyWebshellStatus
- UpsertCCRule
- UpsertSession
- GetInstanceQpsLimit
- AddCustomRule
- IP Management APIs
- Integration APIs
- DescribeCertificateVerifyResult
- DeleteHost
- DescribeTlsVersion
- ModifyHost
- ModifyHostFlowMode
- ModifySpartaProtection
- AddSpartaProtection
- DescribePorts
- DescribeUserClbWafRegions
- RefreshAccessCheckResult
- DeleteSpartaProtection
- DescribeCiphersDetail
- DescribeDomainDetailsClb
- DescribeDomainDetailsSaas
- ModifyDomainIpv6Status
- CreateHost
- DescribeVipInfo
- Log Service APIs
- Bot Behavior Management APIs
- Security Overview APIs
- Data Types
- Error Codes
- FAQS
- Service Level Agreement
- WAF Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Release Notes
- Product Announcement
- Security Advisory
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)
- Notice for WebLogic Console HTTP RCE Vulnerability
- Notice for Exchange Server Command Execution Vulnerability
- Notice for Yonyou GRP-U8 SQL Injection Vulnerability
- Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)
- Notice for WordPress File Manager Arbitrary Code Execution Vulnerability
- Jenkins Security Advisory for September
- Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
- Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Practical Tutorial
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Asset Management APIs
- Billing APIs
- Protection Settings APIs
- AddAntiFakeUrl
- AddAntiInfoLeakRules
- DeleteAntiFakeUrl
- DeleteSession
- DescribeAntiFakeRules
- DescribeAntiInfoLeakageRules
- DescribeCCRule
- DescribeCCRuleList
- DescribeCustomRuleList
- DescribeCustomWhiteRule
- DescribeDomainVerifyResult
- DescribeModuleStatus
- DescribeObjects
- DescribeRuleLimit
- DescribeSession
- DescribeSpartaProtectionInfo
- DescribeUserLevel
- ModifyAntiFakeUrl
- ModifyAntiInfoLeakRuleStatus
- ModifyAntiInfoLeakRules
- ModifyCustomRule
- ModifyCustomRuleStatus
- ModifyCustomWhiteRule
- ModifyCustomWhiteRuleStatus
- ModifyModuleStatus
- ModifyObject
- ModifyProtectionStatus
- ModifySpartaProtectionMode
- ModifyUserLevel
- ModifyUserSignatureRule
- SwitchElasticMode
- Other APIs
- AddCustomWhiteRule
- DeleteAntiInfoLeakRule
- DeleteCCRule
- DeleteCustomRule
- DeleteCustomWhiteRule
- DescribeDomainCountInfo
- DescribeFindDomainList
- DescribeHost
- DescribeHostLimit
- DescribeHosts
- DescribeInstances
- DescribeUserDomainInfo
- DescribeWebshellStatus
- FreshAntiFakeUrl
- ModifyAntiFakeUrlStatus
- ModifyBotStatus
- ModifyDomainsCLSStatus
- ModifyHostMode
- ModifyHostStatus
- ModifyInstanceElasticMode
- ModifyInstanceName
- ModifyInstanceQpsLimit
- ModifyInstanceRenewFlag
- ModifyWebshellStatus
- UpsertCCRule
- UpsertSession
- GetInstanceQpsLimit
- AddCustomRule
- IP Management APIs
- Integration APIs
- DescribeCertificateVerifyResult
- DeleteHost
- DescribeTlsVersion
- ModifyHost
- ModifyHostFlowMode
- ModifySpartaProtection
- AddSpartaProtection
- DescribePorts
- DescribeUserClbWafRegions
- RefreshAccessCheckResult
- DeleteSpartaProtection
- DescribeCiphersDetail
- DescribeDomainDetailsClb
- DescribeDomainDetailsSaas
- ModifyDomainIpv6Status
- CreateHost
- DescribeVipInfo
- Log Service APIs
- Bot Behavior Management APIs
- Security Overview APIs
- Data Types
- Error Codes
- FAQS
- Service Level Agreement
- WAF Policy
- Contact Us
- Glossary
1. INTRODUCTION
This Module applies if you use the Web Application Firewall (“Feature”). This Module is incorporated into the privacy policy located at Privacy Policy. Terms used but not defined in this Module shall have the meaning given to them in the Privacy Policy. In the event of any conflict between the Privacy Policy and this Module, this Module shall apply to the extent of the inconsistency.
2. CONTROLLERSHIP
The controller of the personal information described in this Module is as specified in the Privacy Policy.
3. AVAILABILITY
This Feature is available to users globally.
4. HOW WE USE PERSONAL INFORMATION
We will use the information in the following ways and in accordance with the following legal bases:
| Personal Information | Use | Legal Basis |
|---|---|---|
| Log Data (Access Log: source IP, access URL, Query, Referrer, Cookie, User-Agent, X-Forwarder-For, WAF response code, source site response code, body) | We use this information to ensure the Service functions as required and to ensure that bugs are detected and remediated. | We process this information as it’s necessary for us to perform our contract with you to provide the Services. |
| Log Data (Attack Log: domain name, attack type, number of aggregated attacks, attack source IP, hit rule ID, hit rule name, request method, risk level, attack time, matching source, execution action, request URL, attack content) | We use this information to ensure the Service functions as required and to ensure that bugs are detected and remediated. | We process this information as it’s necessary for us to perform our contract with you to provide the Services. |
5. HOW WE STORE AND SHARE PERSONAL INFORMATION
As specified in the Privacy Policy.
6. HOW WE SHARE PERSONAL INFORMATION
As specified in the Privacy Policy, including Tencent Cloud Computing (Beijing) Limited.
7. DATA RETENTION
We will retain personal information in accordance with the following:
| Personal Information | Retention Policy |
|---|---|
| Log Data | Up to 6 months (depending on your chosen configuration). |
Yes
No
Was this page helpful?