Can WAF Defend Against the Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)?
Yes. WAF basic web protection rules can defend against the Apache Struts2 remote code execution vulnerability (CVE-2021-31805).
Follow the procedure below to complete the configuration.
Configuration Procedure
- Enable WAF.
- Add the website domain name to WAF and connect it to WAF. For details, see Connecting Your Website to WAF (Dedicated Mode).
- In the Basic Web Protection configuration area, set Mode to Block. For details, see Configuring Basic Web Protection to Defend Against Common Web Attacks.
Parent topic: About WAF
- Configuration Procedure