Help Center/ Edge Security/ Service Overview/ Edge Security Acceleration (ESA)/ Features
Updated on 2024-07-26 GMT+08:00
View PDF
Share

Features

DDoS Attack Protection

On the basis of advanced feature identification algorithms, Edge Anti-DDoS of EdgeSec detects traffic in a unified and accurate manner. After identifying attacks, Edge Anti-DDoS can quickly clean the traffic and defend against various heavy-traffic attacks, such as SYN flood, UDP flood, and ICMP flood, ensuring service stability.

The EdgeSec node network is built based on the distributed architecture and intelligently schedules global load balancing. When the attack traffic in a CDN edge site reaches the cleaning threshold, the traffic is scheduled to the nearest AAD equipment room with higher bandwidth to cope with ultra-large DDoS attacks and ensure smooth and stable service access in the case of burst attacks.

CC attack prevention

A CC attack protection rule can limit access to a specific path (URL) of the protected website based on a specific IP address in access requests. EdgeSec can accurately identify and mitigate CC attacks, such as brute-force attacks by exploiting weak passwords. Protective actions of CC attack protection rules include Verification code, Block, and Log only.

  • Flexible policy configuration

    You can set rate limiting policies by IP address as required.

  • Returned page customization

    You can customize returned content and page types to meet diverse service needs.

Basic Web Protection

Backed by an extensive preset reputation database, EdgeSec defends against the Open Web Application Security Project (OWASP) top 10 threats, vulnerability exploits, web shells, and other threats.

  • All-around protection

    EdgeSec detects and blocks varied attacks, such as SQL injection, XSS, remote overflow vulnerabilities, file inclusions, Bash vulnerabilities, remote command execution, directory (path) traversal attacks, unauthorized sensitive file access, command/code injections, and XML or Xpath injection attacks.

  • Web shell detection

    Protects against web shells from upload interface.

  • Precise threat identification
    • EdgeSec uses built-in semantic analysis engine and regex engine and supports configuring of blacklist/whitelist rules so that EdgeSec has a low false positives rate.
    • EdgeSec can automatically decode common codes no matter how many times they are encoded.

      EdgeSec can decode the following types of code: url_encode, Unicode, XML, OCT, hexadecimal, HTML escape, and base64 code, case confusion, JavaScript, shell, and PHP concatenation confusion

  • Deep Inspection

    EdgeSec identifies and blocks evasion attacks, such as the ones that use homomorphic character obfuscation, command injection with deformed wildcard characters, UTF7, data URI scheme, and other techniques.

  • Header Inspection

    EdgeSec detects all header fields in the requests.

  • Shiro Decryption Check

    EdgeSec uses AES and Base64 to decrypt the rememberMe field in cookies and checks whether this field is attacked.

Anti-Crawler Protection

EdgeSec dynamically analyzes website service models and accurately identifies multiple crawler behaviors based on data risk control and bot identification systems.

  • Anti-crawler protection with feature libraries

    EdgeSec precisely blocks web page crawlers with custom scanner and crawler rules.

  • JavaScript

    EdgeSec identifies and blocks JavaScript crawling with custom rules.