See Address record
Frequency of access to an interface is limited by an access control policy.
Detection policies can be customized for common fields (such as URL, IP, Params, Cookie, Referer, User-Agent and Header) in HTTP requests. In addition, multi-logic detection policies are supported.
Address records (A records) are used to specify IP addresses for host names (or domain names). You can use A records to make different domain names point to different IP addresses.
WAF has a big crawler characteristics database used to detect crawlers (such as engine crawlers, script crawlers, and scanners).
The IP address whitelist is a list of trusted IP addresses and traffic from these IP addresses is not subject to attack detection. The IP address blacklist is a list of malicious IP addresses and traffic from these IP addresses is subject to actions specified in detection policies.
A Canonical Name record (CNAME record) is a type of resource record in the domain name system used to specify that multiple domain names are mapped to the same domain name (the Canonical Name).
Attackers use proxy servers to generate valid requests directed to target hosts. CC attacks are a type of denial of service (DoS) attack.
Code injection is an attack that exploits logic defects of web applications in input validation or code execution vulnerabilities of some script functions.
Exploiting web application interfaces allowed to invoke system commands, attackers use commands generated at the server end by command splicing and blacklist bypassing to attack services.
Cross-site request forgery is another common web attack. Attackers forge data for targets to access. If the browsers of the targets maintain the authentication sessions with the destination sites, the targets unknowingly send requests forged by attackers to the destination sites when accessing the attacker-forged pages or URLs.
XSS is a type of web security vulnerability used by attackers to steal user information. Using the vulnerability, attackers inject malicious code into web pages. The code is executed to steal user information when users browse the web pages.
In leeching, the attacker uses a link to direct access requests to a file on your website instead of placing the file on their own server. Typically, the file is big and consumes a lot of bandwidth, for example, an image or video. In some sense, you are paying for the access traffic to the file. Therefore, you are not only unpaid for the occupied bandwidth, the access rate to your website is also affected seriously.
A highly efficient multi-mode matching algorithm is used for characteristic detection of request traffic, which greatly improves the performance of the detection engine.
Sensitive files, such as configuration files and permission management files of operating systems and application service frameworks, should not be accessed on the Internet; otherwise, service security is compromised.
SSRF is an attacker-made vulnerability that can be used to send requests from servers. Typically, targets of SSRF are internal systems inaccessible from the Internet. The causes of SSRF are that the server can obtain data from other servers and that users have not filtered and limited destination addresses when they can.
SQL injection is a common web attack. Attackers inject SQL statements into query character strings of background databases to deceive servers into executing the malicious SQL statements. Then, attackers can obtain sensitive information, add users, export files, or even gain the highest permissions on the databases or even the systems.
See SQL injection
Web Application Firewall (WAF) is designed to keep web services stable and secure. It examines all HTTP and HTTPS requests to detect and block attacks such as Structure Query Language (SQL) injections, cross-site scripting (XSS), Trojan horses, command or code injections, file inclusions, sensitive file access, third-party vulnerability exploits, CC attacks, malicious crawlers, and cross-site request forgery (CSRF).
A webshell is an attack script. After intruding a website, an attacker mixes .asp, .php, .jsp, or .cgi files with normal web page files. Then, the attacker can access web backdoors using a browser. In other words, the attacker has obtained an environment to run his malicious commands to control the website server. For this reason, webshells are also called backdoor tools.
Thank you for your score！Your feedback would help us improve the website.