Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
  • Blog
  • Pricing
  • Documentation
Yandex project
© 2025 Yandex.Cloud LLC
Yandex Smart Web Security
  • Getting started
    • Overview
    • Security profiles
    • WAF
    • ARL (request limit)
    • Rules
    • Conditions
    • Lists
    • Quotas and limits
  • Access management
  • Pricing policy
  • Terraform reference
  • Monitoring metrics
  • Audit Trails events
  • Release notes

In this article:

  • Request body analysis
  • Profiles and rules diagram
  1. Concepts
  2. Security profiles

Security profiles

Written by
Yandex Cloud
Updated at April 17, 2025
  • Request body analysis
  • Profiles and rules diagram

Security profile is the main component in Smart Web Security. The profile consists of rules, each including conditions for applying certain actions to HTTP requests received via the virtual host of the Yandex Application Load Balancer L7 load balancer by the resource being protected.

Note

To enhance your security, we use HTTP request data to improve our machine learning (ML) models. You can disable the use of this information in the management console when creating a security profile or later in its settings.

You can create a profile:

  • From a preset template. A preset profile includes:
    • Basic default rule, enabled for all traffic.
    • Smart Protection rule enabled for all traffic with the Full protection action type.
  • From scratch. This profile includes only the basic default rule enabled for all traffic.

To activate Smart Web Security, connect the security profile to the virtual host of the L7 load balancer from which the traffic is distributed to the resources being protected. When an Application Load Balancer Ingress controller manages the load balancer, connect the security profile using an Ingress resource annotation.

Request body analysisRequest body analysis

In the security profile, you can enable request body inspection to improve the web application's performance and security. Limiting the maximum request body size prevents excessive resource consumption and mitigates the effects of DoS/DDoS attacks, where attackers submit large requests in order to exhaust the server's resources.

When you configure a security profile, you can select an action for when the maximum request body size is exceeded:

  • Do not analyze body: Use it when a legitimate application frequently sends large requests.
  • Block request: This is a universal and secure approach. Smart Web Security blocks any requests exceeding the 8 KB limit, reducing the risk of attacks. If a request is blocked, Smart Web Security returns a 403 error.

Profiles and rules diagramProfiles and rules diagram

The diagram below illustrates the relationship between Smart Web Security profiles and rules. Security profile is the main Smart Web Security component you can use to set up basic rules and Smart Protection. You can additionally connect a WAF profile (through a WAF rule), an ARL profile, and SmartCaptcha.

See alsoSee also

  • Managing security profiles
  • Setting up an Ingress controller and test applications

Was the article helpful?

Previous
Overview
Next
WAF
Yandex project
© 2025 Yandex.Cloud LLC