Cloud Computing Encyclopedia
A professional knowledge encyclopedia platform for the cloud computing field

Problems and solutions when adding the SamWaf firewall to a Windows server

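  • Project background
  • IIS applications on a Windows server, with multiple hosts sharing port 80
  • Problems encountered and the corresponding solutions
  • IIS's special port-80 resolution mechanism: multiple hosts and multiple applications on a single port

  • The original approach would be to place the WAF in front of IIS, but the WAF cannot support IIS's special dispatch mechanism, so request dispatching has to rely on IIS

  • Ideal state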


    Request → WAF → IIS → Application

  • Actual state


    Request → IIS → WAF → IIS → Application

  • b. Problems encountered when using proxy forwarding

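  • The client IP cannot be obtained
  • Adjust the header from which the WAF (a custom-modified build) reads the client IP
  • If the site shows a blank white page after the header is configured, check the error output in the console
  • The site uses pseudo-static URL rewriting, which breaks the reverse proxy
  • The Full version of ISAPI_Rewrite is needed to handle the static-URL rewriting
  • The Lite version does not support setting rewrite rules for an individual site
  • Setting the rules on the individual site resolves the interference caused by pseudo-static rewriting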
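
The client-IP item above, as an added example (not code from SamWaf or from the original page): once IIS sits in front of the WAF, the TCP peer is always IIS, so the WAF has to read a forwarded header, and should do so only when the peer really is the proxy. The header name `X-Forwarded-For`, the loopback-only trust list and the function names are assumptions for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Assumption: IIS forwards from the same machine, so only loopback peers
// may supply the forwarded header. Adjust to the real proxy addresses.
var trustedProxies = []string{"127.0.0.1/32", "::1/128"}

func isTrusted(ip net.IP) bool {
	for _, cidr := range trustedProxies {
		if _, n, err := net.ParseCIDR(cidr); err == nil && n.Contains(ip) {
			return true
		}
	}
	return false
}

// ResolveClientIP takes the TCP peer (r.RemoteAddr) and the value of the
// forwarded header (assumed here to be X-Forwarded-For) and returns the
// address to use for rules and logs.
func ResolveClientIP(remoteAddr, forwarded string) string {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		host = remoteAddr
	}
	if peer := net.ParseIP(host); peer == nil || !isTrusted(peer) {
		return host // not from the proxy: the header is client-controlled, ignore it
	}
	// Walk right to left: the rightmost entries were appended by our own proxy.
	parts := strings.Split(forwarded, ",")
	for i := len(parts) - 1; i >= 0; i-- {
		candidate := strings.TrimSpace(parts[i])
		if h, _, err := net.SplitHostPort(candidate); err == nil {
			candidate = h // some proxies append the source port ("ip:port")
		}
		if ip := net.ParseIP(candidate); ip != nil && !isTrusted(ip) {
			return ip.String()
		}
	}
	return host // header missing or unusable: fall back to the TCP peer
}

func main() {
	// Constructed sample values (documentation address ranges).
	fmt.Println(ResolveClientIP("127.0.0.1:50000", "203.0.113.7:51234"))
	fmt.Println(ResolveClientIP("198.51.100.9:40000", "10.0.0.1"))
}
```

If the WAF port is reachable without going through IIS, the second call shows why the header is ignored for untrusted peers: otherwise any client could choose the IP that IP-based rules and logs see.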
    Reproduction without permission is prohibited: 网硕互联帮助中心 » Problems and solutions when adding the SamWaf firewall to a Windows server