Help Center/ Edge Security/ Best Practices/ CC Attack Protection/ Preventing Bonus Hunting by Configuring Service Cookies and System IDs
Updated on 2025-09-15 GMT+08:00
View PDF
Share

Preventing Bonus Hunting by Configuring Service Cookies and System IDs

This topic introduces how to configure service cookies and system IDs to restrict malicious bonus hunting and downloads.

Application Scenarios

Using Cookies (or User IDs) to Configure a Path-based CC Attack Protection Rule

  1. Log in to the EdgeSec console.
  2. In the navigation pane on the left, choose Edge Security > Website Settings. The Website Settings page is displayed.
  3. In the Policy column of the row containing the target domain name, click the number of enabled protection rules. On the page displayed, confirm that the status of CC attack protection is enabled () and click Customize Rule.
  4. In the upper left corner of the CC Attack Protection page, click Add Rule. Use service cookies to configure the CC attack rate limit mode based on paths. Enter the service cookie or user ID. For details, see Figure 1.

    Figure 1 Configuring service cookies

  5. Click Confirm.

Using a System ID to Configure a Path-based CC Attack Protection Rule

  1. Log in to the EdgeSec console.
  2. In the navigation pane on the left, choose Edge Security > Website Settings. The Website Settings page is displayed.
  3. In the Policy column of the row containing the target domain name, click the number of enabled protection rules. On the page displayed, confirm that the status of CC attack protection is enabled () and click Customize Rule.
  4. In the upper left corner of the CC Attack Protection page, click Add Rule. Configure a CC attack protection rule using system ID like HWSESID to limit traffic to the path. Figure 2 shows an example rule.

    Figure 2 System ID

  5. Click Confirm.
Parent topic: CC Attack Protection