Help Center/ Web Application Firewall/ Drawer/ CC Attack Protection/ Rate Limit Mode
Updated on 2025-10-27 GMT+08:00
Share

Rate Limit Mode

Description

  • Source: Requests from a specific source are limited. For example, if traffic from an IP address (or user) exceeds the rate limit you configure in this rule, WAF limits traffic rate of the IP address (or user) in the way you configure.
    • Per IP address: A website visitor is identified by the IP address.
    • Per user: A website visitor is identified by the key value of Cookie or Header.
    • Other: A website visitor is identified by the Referer field (user-defined request source).

    If you set Rate Limit Mode to Other, set Content of Referer to a complete URL containing the domain name. The Content field supports prefix match and exact match only, but cannot contain two or more consecutive slashes, for example, ///admin. If you enter ///admin, WAF will convert it to /admin.

    For example, if you do not want visitors to access www.test.com, set Referer to http://www.test.com.

  • Destination: If this parameter is selected, the following rate limit types are available:
    • By rule: If this rule is used by multiple domain names, requests for all these domain names are counted for this rule no matter what IP addresses these requests originate from. If you have added a wildcard domain name to WAF, requests to all domain names matched the wildcard domain name are counted for triggering this rule no matter what IP addresses these requests originate from.
    • By domain name: Requests for each domain name are counted separately. If the number exceeds the threshold you configure, the protective action is triggered no matter what IP addresses these requests originate from.
    • By URL: Requests for each URL are counted separately. If the number exceeds the threshold you configure, the protective action is triggered no matter what IP addresses these requests originate from.
Parent Topic: CC Attack Protection