diff --git a/plugins/op_waf/index.py b/plugins/op_waf/index.py
index 0fd0487c1..4c3b4d802 100755
--- a/plugins/op_waf/index.py
+++ b/plugins/op_waf/index.py
@@ -114,7 +114,15 @@ def initSiteInfo():
             tmp['open'] = False
 
             tmp['cc'] = config_contents['cc']
-
+            tmp['retry'] = config_contents['retry']
+            tmp['get'] = config_contents['get']
+            tmp['post'] = config_contents['post']
+            tmp['user-agent'] = config_contents['user-agent']
+            tmp['cookie'] = config_contents['cookie']
+            tmp['scan'] = config_contents['scan']
+
+            cdn_header = ['x-forwarded-for', 'x-real-ip']
+            tmp['cdn_header'] = cdn_header
             site_contents_new[name] = tmp
 
     cjson = public.getJson(site_contents_new)
diff --git a/plugins/op_waf/js/op_waf.js b/plugins/op_waf/js/op_waf.js
index 3a1f5ebad..26a755378 100755
--- a/plugins/op_waf/js/op_waf.js
+++ b/plugins/op_waf/js/op_waf.js
@@ -1063,6 +1063,87 @@ function siteWafConfig(siteName, type) {
                                     </td>\
                                     <td class="text-right"><a class="btlink" onclick="set_cc_rule('+ rdata.cc.cycle + ',' + rdata.cc.limit + ',' + rdata.cc.endtime + ',\'' + siteName + '\',' + rdata.cc.increase + ')">设置</a></td>\
                                 </tr>\
+                                <tr>\
+                                    <td>恶意容忍设置</td>\
+                                    <td><font style="color:red;">'+ rdata.retry.retry_cycle + '</font> 秒内,累计超过 <font style="color:red;">' + rdata.retry.retry + '</font> 次恶意请求,封锁IP <font style="color:red;">' + rdata.retry.retry_time + '</font> 秒</td>\
+                                    <td style="text-align: left;">&nbsp;&nbsp;--</td>\
+                                    <td class="text-right"><a class="btlink" onclick="set_retry('+ rdata.retry.retry_cycle + ',' + rdata.retry.retry + ',' + rdata.retry.retry_time + ',\'' + siteName + '\')">设置</a></td>\
+                                </tr>\
+                                <tr>\
+                                    <td>GET-URI过滤</td>\
+                                    <td>'+ rdata.get.ps + '</td>\
+                                    <td>\
+                                        <div class="ssh-item" style="margin-left:0">\
+                                            <input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
+                                            <label class="btswitch-btn" for="closeget" onclick="set_site_obj_state(\''+ siteName + '\',\'get\')"></label>\
+                                        </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'url\')">规则</a></td>\
+                                </tr>\
+                                <td>GET-参数过滤</td>\
+                                    <td>'+ rdata.get.ps + '</td>\
+                                    <td>\
+                                        <div class="ssh-item" style="margin-left:0">\
+                                            <input class="btswitch btswitch-ios" id="closeargs" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
+                                            <label class="btswitch-btn" for="closeargs" onclick="set_site_obj_state(\''+ siteName + '\',\'get\')"></label>\
+                                        </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'args\')">规则</a></td>\
+                                </tr>\
+                                <tr>\
+                                    <td>POST过滤</td>\
+                                    <td>'+ rdata.post.ps + '</td>\
+                                    <td>\
+                                        <div class="ssh-item" style="margin-left:0">\
+                                            <input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post ? 'checked' : '') + '>\
+                                            <label class="btswitch-btn" for="closepost" onclick="set_site_obj_state(\''+ siteName + '\',\'post\')"></label>\
+                                        </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'post\')">规则</a></td>\
+                                </tr>\
+                                <tr>\
+                                    <td>User-Agent过滤</td>\
+                                    <td>'+ rdata['user-agent'].ps + '</td>\
+                                    <td>\
+                                        <div class="ssh-item" style="margin-left:0">\
+                                            <input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'] ? 'checked' : '') + '>\
+                                            <label class="btswitch-btn" for="closeua" onclick="set_site_obj_state(\''+ siteName + '\',\'user-agent\')"></label>\
+                                        </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'user_agent\')">规则</a></td>\
+                                </tr>\
+                                 <tr>\
+                                    <td>Cookie过滤</td>\
+                                    <td>'+ rdata.cookie.ps + '</td>\
+                                    <td>\
+                                    <div class="ssh-item" style="margin-left:0">\
+                                        <input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie ? 'checked' : '') + '>\
+                                        <label class="btswitch-btn" for="closecookie" onclick="set_site_obj_state(\''+ siteName + '\',\'cookie\')"></label>\
+                                    </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'cookie\')">规则</a></td>\
+                                </tr>\
+                                <tr>\
+                                    <td>常见扫描器</td><td>'+ rdata.scan.ps + '</td>\
+                                    <td>\
+                                        <div class="ssh-item" style="margin-left:0">\
+                                            <input class="btswitch btswitch-ios" id="closescan" type="checkbox" '+ (rdata.scan ? 'checked' : '') + '>\
+                                            <label class="btswitch-btn" for="closescan" onclick="set_site_obj_state(\''+ siteName + '\',\'scan\')"></label>\
+                                        </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="scan_rule()">设置</a></td>\
+                                </tr>\
+                                <tr>\
+                                    <td>使用CDN</td>\
+                                    <td>该站点使用了CDN,启用后方可正确获取客户IP</td>\
+                                    <td>\
+                                        <div class="ssh-item" style="margin-left:0">\
+                                            <input class="btswitch btswitch-ios" id="closecdn" type="checkbox" '+ (rdata.cdn ? 'checked' : '') + '>\
+                                            <label class="btswitch-btn" for="closecdn" onclick="set_site_obj_state(\''+ siteName + '\',\'cdn\')"></label>\
+                                        </div>\
+                                    </td>\
+                                    <td class="text-right"><a class="btlink" onclick="cdn_header(\''+ siteName + '\')">设置</a></td>\
+                                </tr>\
                             </tbody>\
                         </table>\
                     </div>\