边缘安全 EdgeSec
边缘安全 EdgeSec
- 最新动态
- 功能总览
- 产品介绍
- 计费说明
- 用户指南
- 最佳实践
-
API参考
- 使用前必读
- API概览
- 如何调用API
- API
-
附录
- 状态码
- 错误码
-
故障排除
- EdgeSec.00000005 参数无效异常
- EdgeSec.00000013 并发修改异常
- EdgeSec.00000014 只支持默认企业项目
- EdgeSec.00000015 全部企业项目下不能支持写操作
- EdgeSec.00000018 不支持资源迁移到非默认企业项目
- EdgeSec.00000019 冻结状态下迁入迁出企业项目异常
- EdgeSec.00000023 当前规格不支持租户相关操作
- EdgeSec.00000025 阻断时间无效异常
- EdgeSec.00000026 白名单规则类型无效异常
- EdgeSec.00000027 CC规则条件长度无效异常
- EdgeSec.00010001 IAM服务项目无效异常
- EdgeSec.00010005 WAF策略规则配额不够
- EdgeSec.00010006 已有的边缘WAF黑白名单规则数量超过当前配额
- EdgeSec.00010007 边缘WAF的IP地址组配额不够
- EdgeSec.00010008 边缘WAF证书配额不够
- EdgeSec.00030001 DDoS概览参数无效异常
- EdgeSec.00030003 DDoS概览查询类型异常
- EdgeSec.00030002 DDoS概览查询异常
- EdgeSec.00040007 无操作权限
- EdgeSec.00040013 一级域名配额不够
- EdgeSec.00040014 扩展资源配额已使用
- WAF.00022002 资源已经存在
- WAF.00014002 资源已经存在
- common.01010003 无购买权限
- 获取项目ID
- SDK参考
- 常见问题
- 通用参考
本文导读
链接复制成功!
Cookie-based CC Attack Protection
Attack Examples
Attackers may control several hosts and disguise as normal visitors to continuously send HTTP POST requests to website www.example.com through the same IP address or many different IP addresses. As a result, the website may respond slowly or even fails to respond to normal requests as the attackers exhausted website resources like connections and bandwidth.
Protective Measures
- Based on the access statistics, check whether a large number of requests are sent from a specific IP address. If yes, it is likely that the website is hit by CC attacks.
- Log in to the management console.
- Click
in the upper left corner of the page and choose Content Delivery & Edge Computing > CDN and Security. - In the navigation pane on the left, choose Edge Security > Website Settings. The Website Settings page is displayed.
- In the Policy column of the row containing the target domain name, click the number of enabled protection rules. On the page displayed, confirm that the status of CC attack protection is enabled (
) and click Customize Rule.
Figure 1 CC Attack Protection configuration area
- In the upper left corner of the CC Attack Protection page, click Add Rule, set Rate Limit Mode to Cookie, and enter a field name.
NOTE:
With a CC attack protection rule, you can set Protective Action to Block and specify Block Duration. Then, once an attack is blocked, the attacker will be blocked until the block duration expires. These settings are recommended if your applications have high security requirements.
Figure 2 Per user
- Rate Limit Mode: Select Cookie to distinguish a single web visitor based on the cookie.
- Rate Limit: Number of requests allowed from a website visitor in the rate limiting period. The visitor's access request is denied if the limit is reached.
- Protective Action: Select Block. Once an attack is blocked, the attacker will be blocked until the block duration expires. These settings are recommended if your applications have high security requirements.
- Verification code: EdgeSec allows requests that trigger the rule as long as your website visitors complete the required verification. Currently, verification code supports English.
- Block: EdgeSec blocks requests that trigger the rule.
- Log only: EdgeSec only logs requests that trigger the rule.
- Block Page: Select Default settings or Custom.
Parent topic: CC Attack Protection
