This section guides you through configuring IP address-based rate limiting and cookie-based protection rules against Challenge Collapsar (CC) attacks.
Introduction to Web Application Firewall
Web Application Firewall (WAF) is used to defend against web attacks, such as cross-site scripting (XSS), SQL injection, webshell, and CC attacks. CC attack is a type of denial of service (DoS) attack. In a CC attack, the attacker uses a proxy server to generate and send disguised requests to the target host.
How to Determine Whether a CC attack Occurs?
If you find that the website processing speed decreases and network bandwidth usage is high, your website may suffer from CC attacks. In this case, check whether the number of access logs or network connections increases significantly. If yes, your website suffers from CC attacks. Then you can configure the protection policies to block CC attacks, thereby ensuring website availability.
- WAF protects application-layer traffic against DoS attacks, such as HTTP GET attacks.
- WAF does not provide protection against layer 4 or lower traffic, such as ACK Flood and UDP flood attacks. It is recommended that Anti-DDoS and Advanced Anti-DDoS (AAD) be used to defend against such attacks.