Help Center/
Edge Security/
Best Practices/
CC Attack Protection/
Preventing Bonus Hunting by Configuring Service Cookies and System IDs
Updated on 2025-03-04 GMT+08:00
Preventing Bonus Hunting by Configuring Service Cookies and System IDs
This topic introduces how to configure service cookies and system IDs to restrict malicious bonus hunting and downloads.
Application Scenarios
- Scenario 1: To steal extra bonus (such as goods in promotions or downloads), a malicious actor may use the same account to send requests to a website by changing IP addresses or terminals.
Protective measures: Using Cookies (or User IDs) to Configure a Path-based CC Attack Protection Rule
- Scenario 2: To steal extra bonus (such as goods in promotions or downloads), a malicious actor may use multiple accounts to send requests to a website through the same PC by frequently changing its IP address.
Protective measures: Using a System ID to Configure a Path-based CC Attack Protection Rule
Using Cookies (or User IDs) to Configure a Path-based CC Attack Protection Rule
- Log in to the management console.
- Click
in the upper left corner of the page and choose . - In the navigation pane on the left, choose . The Website Settings page is displayed.
- In the Policy column of the row containing the target domain name, click the number of enabled protection rules. On the page displayed, confirm that the status of CC attack protection is enabled (
) and click Customize Rule.
Figure 1 CC Attack Protection configuration area
- In the upper left corner of the CC Attack Protection page, click Add Rule. Use service cookies to configure the CC attack rate limit mode based on paths. Enter the service cookie or user ID. For details, see Figure 2.
- Click Confirm.
Using a System ID to Configure a Path-based CC Attack Protection Rule
- Log in to the management console.
- In the navigation pane on the left, choose . The Website Settings page is displayed.
- In the Policy column of the row containing the target domain name, click the number of enabled protection rules. On the page displayed, confirm that the status of CC attack protection is enabled () and click Customize Rule.
Figure 3 CC Attack Protection configuration area
- In the upper left corner of the CC Attack Protection page, click Add Rule. Configure a CC attack protection rule using system ID like HWSESID to limit traffic to the path. Figure 4 shows an example rule.
- Click Confirm.
Parent topic: CC Attack Protection
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
