Updated on 2024-12-20 GMT+08:00

Overview

Application Scenarios

If you find that your website becomes slow and its network bandwidth usage jumps high, the website may suffer from CC attacks. In this case, check whether the number of access logs or network connections increases sharply. If yes, your website is suffering from CC attacks. Then you can configure a protection rule to protect your website from CC attacks.

  • WAF protects application-layer traffic against DoS attacks, such as HTTP GET attacks.
  • WAF does not protect your website at or below layer 4 against DDoS traffic, such as ACK Flood and UDP flood attacks. Anti-DDoS and Advanced Anti-DDoS (AAD) are recommended to defend against such attacks.

This section guides you through configuring IP address-based rate limiting and cookie-based protection rules to defend against Challenge Collapsar (CC) attacks.

Solution Selection

Advantages

This practice provides a solution to help quickly defend against CC attacks in multiple scenarios.

Resource and Cost Planning

Table 1 Resources and costs

Resource

Description

Monthly Fee

Web Application Firewall

Cloud - Standard edition

  • Billing mode: Yearly/Monthly
  • Number of domain names that can be protected: 10
  • QPS quota: 2,000 QPS
  • Peak bandwidth: 100 Mbit/s inside the cloud and 30 Mbit/s outside the cloud

For details about pricing rules, see Billing Description.