To configure the WAF-as-a-Service Content Delivery Network (CDN) for your application:
- Set Enable CDN to On. Within a few minutes, all domains configured for your application are listed along with the associated TXT keys. Configure your DNS TXT records to match these values. Domains will show a status of Pending until the records are updated, at which point they will show as Approved.
- Once all domains are Approved, you can set Route traffic through CDN to On. This begins the rollout of your application in the CDN network.
- Once rollout is complete, the Enable CDN setting will no longer be active and Block traffic not sent through CDN will become active. Enabling this will ensure all traffic goes through CDN and prevents other routes. However, doing so immediately could block legitimate traffic that is not routed via CDN yet, so it is a good practice to wait a few hours before blocking direct traffic.
- HTTPS Settings are not available for configuration at this time, but will be coming in the near future.
- Currently TLS defaults to the most secure option which means traffic must use TLS 1.2 or a more stringent encryption protocol.
- Certificates are only available as Automatic at this time, meaning WAF-as-a-Service provides an internal certificate authority. The option to use Custom certificates will be available soon.