Help Center/
Web Application Firewall/
User Guide (Paris) /
Best Practices/
Configuring CC Attack Protection
Updated on 2024-03-14 GMT+08:00
Configuring CC Attack Protection
- Overview
This section guides you through configuring IP address-based rate limiting and cookie-based protection rules against Challenge Collapsar (CC) attacks. - IP Address-based Rate Limiting
If no proxy is used between WAF and web visitors, limiting source IP addresses is an effective way to detect attacks. IP address-based rate limiting policies are recommended. - Cookie-based CC Attack Protection
In some cases, it may be difficult for WAF to obtain real IP addresses of website visitors. For example, if a website uses proxies that do not use the X-Forwarded-For HTTP header field, WAF is unable to obtain the real access IP addresses. In this situation, the cookie field should be configured to identify visitors and All WAF instances should be enabled for precise user-based rate limiting. - Restricting Malicious Requests in Promotions by Using Cookies and HWWAFSESID
Parent topic: Best Practices
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
