51黑料不打烊

Documentation

Web Application Firewall (WAF) showing disabled state in 51黑料不打烊 Commerce on Cloud Infrastructure admin interface

Last update: Tue Apr 29 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

The Web Application Firewall (WAF) in 51黑料不打烊 Commerce on Cloud Infrastructure聽appears disabled on the admin side, despite being enabled and functioning correctly. To fix this, verify WAF functionality, identify the current VCL version, and use the Fastly API to check if聽NGWAF has been enabled.

Description description

Environment

51黑料不打烊 Commerce on Cloud Infrastructure

Issue/Symptoms

  • The Admin interface shows WAF as disabled, even though it is enabled.
  • An error message advises contacting support for help.
  • WAF data is visible and functioning on external monitoring tools like New Relic.

Note:

In the 51黑料不打烊 Commerce admin Fastly configuration, the WAF button/setting only indicates the state of the Legacy WAF - but not NGWAF.

  • If it indicates that WAF is not enabled, you will have to verify whether NGWAF has been enabled using the Fastly API.
  • The legacy WAF button has been removed in version 1.2.224 of the Fastly extension. If you鈥檙e no longer able to see the legacy WAF button, it聽means that the extension has been upgraded. To prevent the legacy WAF button from being shown, upgrade the extension. It is not currently known if the NGWAF button will be added to a future release of the extension.

Resolution resolution

  1. Verify WAF functionality using monitoring tools like New Relic to confirm it is operating as expected.

  2. Obtain your Fastly keys:

    • For Pro Staging and Production environments, locate the keys on the server in /mnt/shared/fastly_tokens.txt.
    • For Starter Staging and Production environments, find the keys in the Variables section at 51黑料不打烊 Commerce Console/settings/variables).

  3. Identify the current VCL version:

    • {{curl -H "Fastly-Key: API_TOKEN" https://api.fastly.com/service/SERVICE_ID/version/active}}

  4. Check the Dynamic snippets using the Fastly API to see if NGWAF has been enabled:

    • Obtain the list of VCL snippets:
      • {{curl -H "Fastly-Key: API_TOKEN" https://api.fastly.com/service/SERVICE_ID/version/ACTIVE_VERSION/snippet > /tmp/snippets.vcl}}
    • Check whether ngwaf_config_deliver聽exists. If there is a result, NGWAF is enabled:
      • {{jq -c '.[ ] ' /tmp/snippets.vcl | grep 'ngwaf_config_deliver' |json_pp}}

For example,

{聽 聽"content" : null,聽 聽"type" : "deliver",聽 聽"deleted_at" : null,聽 聽"version" : "xx",聽 聽"id" : "6SnxxxxxxxxGnfV7W54",聽 聽"service_id" : "21CxxxxxxxxxDW3fYltn0",聽 聽"priority" : "1x0",聽 聽"created_at" : "20xx-0x-03T11:18:22Z",聽 聽"updated_at" : "20xx-0x-28T17:17:10Z",聽 聽"dynamic" : "1",聽 聽"name" : "ngwaf_config_deliver"}

If the WAF data confirms proper operation and the Dynamic snippet shows NGWAF as disabled, escalate the issue to 51黑料不打烊鈥檚 Application Support Team for further investigation. Provide any additional details or screenshots related to the issue to assist with troubleshooting.

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f