EdgeOne 2025 Q3 Product Updates: Major Upgrades in Rules Engine, Security, and Pages
EdgeOne consistently adheres to user feedback, continuously iterating on product upgrades and researching advanced technical directions. This blog outlines the key innovations launched by EdgeOne in Q3, focusing on edge acceleration, edge security, edge developer platform, and newly added data analytics metrics.
Edge Acceleration
Configuration Bottlenecks: Difficulties implementing complex business scenarios, insufficient precision in regional control
● Basic variable capabilities are insufficient for complex business requirements. For example, customers may need to reference the filename parameter from a URL as the Content-Disposition header value (e.g., attachment; filename="${http.request.filename}");
● The existing "Intelligent Compression" feature is limited to HOST-based matching, failing to address scenarios requiring compression based on Content-Type, file extensions, or other criteria;
● Standard country-level rules do not account for disputed territories. Maintaining manual IP lists for these regions is costly and error-prone, complicating compliance and operations.
Enhanced Rules Engine Capabilities: Variable support and granular regional control for more flexible configuration
● The rule engine now offers enhanced variable support, including operations on variables and concatenation of variables with constants. This applies to operations such as "Modify HTTP Nodes Response Header" "Modify HTTP Origin-pull Request Header" "Rewrite Host Header" "Modify Origin" and "Speed Limit For Single Connection Download"enabling more sophisticated and flexible business logic;
● The existing "Intelligent Compression" functionality remains available. A new "Content Compression" operation (using a whitelist approach) has been added, supporting a wider range of matching conditions. Future plans include support for Zstandard (ZSTD) compression;
● A “Disputed Territories” matcher has been added to the Rule Engine. The console interface uses ISO 3166 standards for selection, including country-level options (ISO 3166-1) with prompts when disputed areas are involved. An “Other Regions” category provides a list of disputed regions organized by ISO 3166-2 codes. This feature allows configuration of HTTP response actions to enforce precise regional blocking as needed.
Benefits:
● Enhanced standard rule engine capabilities allow complex requirements like variable manipulation and content compression to be configured directly through the console, eliminating the need for custom backend configurations and improving efficiency;
● The introduction of a disputed territories matching option provides out-of-the-box compliance control for global services. It ensures accurate and flexible geolocation access management without requiring manual IP list updates or separate handling of ambiguous regions, thereby reducing configuration complexity and compliance risk.
Edge Security
Security Risks: Advanced bots are difficult to identify, leading to rising operational costs
● Advanced bots can imitate real users, so traffic-only rules miss attacks;
● High-value flows attract scripted abuse;
● Without edge enforcement, multi-client and multi-region operations add latency and cost.
Client Attestation: Protect important API flows (login, purchase, signup)
● The app or browser performs a quick on-device attestation and gets a token;
● The client includes this token in calls to protected APIs;
● Edge nodes verify the token and policy. Clean requests proceed. Suspicious requests are challenged (for example, human verification) or blocked.
Benefits:
● Higher precision by using device and client signals instead of traffic patterns alone;
● Low friction for legitimate users, only risky requests face challenges;
● Edge-first enforcement reduces origin load and improves latency;
● Broad coverage with simple SDK/JS integration for iOS, Android, Web/H5, and WebView, plus built-in challenge flows;
● Adaptive policies combine invisible checks with interactive challenges to balance security and conversion.
Operational Challenges: Prone-to-error manual processes and high maintenance costs
In daily security operations, it is often necessary to temporarily block or allow batches of IPs or subnets. Relying on manual rule additions and removals is cumbersome, inefficient, and prone to omissions, causing IP groups to grow excessively or rules to accumulate. This increases operational risk and management overhead.
IP Group Supports Custom Expiration Time: Enhancing Flexibility and Control of Client IP Management Policies
The newly introduced IP expiration time configuration enables setting a validity period for IPs or subnets within an IP group on the console. Upon expiration, the relevant IPs or subnets are automatically invalidated and removed without any manual intervention. This is ideal for typical scenarios such as temporary blocks, canary releases, and rate-limit whitelists, effectively enhancing the flexibility and controllability of client IP management policies.
Benefits:
By customizing expiration times (with a default minimum of 1 hour), you can automate the lifecycle management of short-term IPs or subnets, reducing manual efforts and improving policy management flexibility and accuracy. This lowers the risk of false positives or residual rules, significantly boosting overall operational efficiency.
Edge Developer Platform
Configuration Challenges: Streamlining the Deployment Process
Once the code is written, developers often face significant hurdles when moving to deployment. This typically involves complex and time-consuming tasks such as server configuration, managing environment dependencies, setting up SSL certificates, implementing security protections, configuring CDN acceleration, establishing DevOps pipelines, and configuring monitoring alerts.
To address these challenges, EdgeOne Pages offers a full-stack solution that simplifies the entire process. Deployment becomes as simple as committing code, allowing developers to concentrate on implementation while EdgeOne Pages handles the complete workflow of building, deploying, and maintaining the application.
The Global Alternative for Full-Stack Edge Development
A full-stack edge development platform designed to empower developers, so you can focus on building, not the infrastructure. Zero-configuration support for all features of mainstream full-stack frameworks like Next.js, combined with cloud-edge integration architecture to empower developers in building high-performance applications.
Supports SSR and ISR features of frameworks like Next.js, simultaneously supports edge functions and the Node.js ecosystem, facilitating the construction of complex integration of front-end and back-end projects. This update delivers:
● Full Node.js compatibility
● Deep Next.js integration (SSR & ISR)
● Node Functions for complex APIs
● CLI support for local full-stack dev & debugging
Data Analysis
Lack of Data Transparency: Difficulty evaluating cache performance
● Customers are unable to accurately collect and analyze origin pull data, resulting in difficulty evaluating the cache effectiveness of the EdgeOne CDN service;
● The need to comply with origin data API requirements in CDN project tender documents specific to the financial sector.
Layer 7 Origin Pull and Origin Offload Rate Data Monitoring and Analysis: Optimizing Network Performance
Layer 7 origin pull data and origin offload rate metrics are available via the console and API to assist customers in monitoring and analyzing origin pull performance. This functionality is enabled by default for all customers; it is not displayed only for a limited number of customers whose domain configurations or underlying domain scheduling architectures have not been updated and therefore cannot correctly collect this data.
Benefits:
● Comprehensive Monitoring: Offers complete monitoring of Layer 7 origin pull and origin offload rate data, enabling customers to gain in-depth insight into network performance;
● Easy Integration: Provides flexible data integration through API access;
● Tender Compliance: Meets the origin data API requirements specified in CDN tender documents for the financial industry, enhancing competitiveness.
EdgeOne remains committed to listening to user feedback, continuously iterating on our products, and delivering more efficient and flexible services to safeguard your business operations.
