Help Center>
Web Application Firewall>
Best Practices>
Configuring Protection Policies>
Configuring CC Attack Protection
Updated on 2024-02-05 GMT+08:00
Configuring CC Attack Protection
- Overview
This section guides you through configuring IP address-based rate limiting and cookie-based protection rules against Challenge Collapsar (CC) attacks. - Configuring CC Attack Protection for Common Scenarios
- IP Address-based Rate Limiting
If no proxy is used between WAF and web visitors, limiting source IP addresses is an effective way to detect attacks. IP address-based rate limiting policies are recommended. - Cookie-based CC Attack Protection
In some cases, it may be difficult for WAF to obtain real IP addresses of website visitors. For example, if a website uses proxies that do not use the X-Forwarded-For HTTP header field, WAF is unable to obtain the real access IP addresses. In this situation, the cookie field should be configured to identify visitors and All WAF instances should be enabled for precise user-based rate limiting. - Restricting Malicious Requests in Promotions by Using Cookies and HWWAFSESID
Parent topic: Configuring Protection Policies
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot