Help Center> Web Application Firewall> FAQs> Protection Rules> When Is Cookie Used to Identify Users?
Updated on 2024-06-07 GMT+08:00

When Is Cookie Used to Identify Users?

During the configuration of a CC attack protection rule, if IP addresses cannot identify users precisely, for example, when many users share an egress IP address, use Cookie to identify users.

If the cookie contains key values, such as the session value, of users, the key value can be used as the basis for identifying users.

Cookie-based identification may not be supported if the URL request configured in a CC attack protection policy is an API called by another service.

Protection Rules FAQs