Edge Security

Overview
DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
  - Increase DDoS Protection Level
  - Exclusive DDoS Traffic Alarm
  - Configuration IP blocklist/allowlist
  - Configuration Region Blocking Rule
  - Configuration Port Filtering
  - Configuration Features Filtering
  - Configuration Protocol Blocking Rule
  - Configuration Connections Attack Protection
  - Related References
    - Action
    - Related Concepts Introduction
Web Protection
- Overview
- Managed rules
- CC attack defense
- Custom rule
- Custom Rate Limiting Rules
- Exception Rules
- Managed Custom Rules
- Web security monitoring alarm
- Refer
  - Web Protection Request Processing Order
  - Action
  - Match Condition
Bot Management
- Overview
- Bot Intelligent analysis
- Bot Basic Feature Management
- Client Reputation
- Active Detection
- Custom Bot Rule
- Bot Exception Rule
- Related References
  - Action
Rules Template
IP and IP Segment Grouping
Origin Protection
Custom Response Page
Alarm Notification
SSL/TLS
- Overview
- Deploying/Updating SSL Certificate for A Domain Name
- Configuring A Free Certificate for A Domain Name
- HTTPS Configuration
  - Forced HTTPS Access
  - Enabling HSTS
  - SSL/TLS Security Configuration
    - Configuring SSL/TLS Security
    - TLS Versions and Cipher Suites
  - Enabling OCSP Stapling

Web Protection Request Processing Order

When Web Protection receives a request, it will first go through each security module in the following order, and only requests that have passed the security module scans will continue to be processed by other function modules.
Module processing order
Processing method of requests
﻿Exception rules﻿
When a request matches multiple rules, all matched rules apply.
﻿Custom rule﻿
When a request matches multiple rules, they are executed in order from high to low priority (priority value from small to large).Note 1﻿
﻿Rate limiting﻿
All rules hit by the request are counted, and rules that meet the rate condition apply independently.Note 2﻿
Rules that meet the rate condition are executed in order from high to low priority (priority value from small to large) .Note 2﻿
﻿CC attack defense﻿
When a request hits multiple rules, all matched rules apply.
Bot management
For details, please see Bot Management.
Note:
﻿Note 1:
 When a request matches multiple custom rules, if a higher priority rule handles the request (except for observation), the request will not continue to match lower priority rules. When the priorities are the same, the actions are executed in the following order: observe > release > Managed challenge > JavaScript challenge > redirect > Return specified page > blocking IP > intercept.
﻿Note 2: 
Hitting an effective rate limiting rule does not affect the statistics of other rate limiting rules. When the same request hits multiple rate limiting rules, the matching and handling are performed according to the priority order of the effective rate limiting rules. When multiple rate limiting rules with the same priority are effective and matched by the request at the same time, the actions are executed in the following order: observe > release > Managed challenge > JavaScript challenge > redirect > Return specified page > blocking IP > intercept.
﻿

Module processing order	Processing method of requests
Exception rules	When a request matches multiple rules, all matched rules apply.
Custom rule	When a request matches multiple rules, they are executed in order from high to low priority (priority value from small to large).^{Note 1}
Rate limiting	All rules hit by the request are counted, and rules that meet the rate condition apply independently.^{Note 2} Rules that meet the rate condition are executed in order from high to low priority (priority value from small to large) .^{Note 2}
CC attack defense	When a request hits multiple rules, all matched rules apply.
Bot management	For details, please see Bot Management.