Updated on 2024-06-06 GMT+08:00

Solution Overview

This section guides you through configuring IP address-based rate limiting and cookie-based protection rules against Challenge Collapsar (CC) attacks.

How Can We Know There is a CC Attack Against the Website?

If you find that your website becomes slow and its network bandwidth usage jumps high, the website may suffer from CC attacks. In this case, check whether the number of access logs or network connections increases sharply. If yes, your website is suffering from CC attacks. Then you can configure a protection rule to protect your website from CC attacks.

  • WAF protects application-layer traffic against DoS attacks, such as HTTP GET attacks.
  • WAF does not protect your website at or below layer 4 against DDoS traffic, such as ACK Flood and UDP flood attacks. Anti-DDoS and Advanced Anti-DDoS (AAD) are recommended to defend against such attacks.