Edge Security
  • Overview
  • DDoS Protection
    • DDoS Protection Overview
    • Exclusive DDoS Protection Usage
    • Configuration of Exclusive DDoS protection Rules
      • Increase DDoS Protection Level
      • Exclusive DDoS Traffic Alarm
      • Configuration IP blocklist/allowlist
      • Configuration Region Blocking Rule
      • Configuration Port Filtering
      • Configuration Features Filtering
      • Configuration Protocol Blocking Rule
      • Configuration Connections Attack Protection
      • Related References
        • Action
        • Related Concepts Introduction
  • Web Protection
    • Overview
    • Managed rules
    • CC attack defense
    • Custom rule
    • Custom Rate Limiting Rules
    • Exception Rules
    • Managed Custom Rules
    • Web security monitoring alarm
    • Refer
      • Web Protection Request Processing Order
      • Action
      • Match Condition
  • Bot Management
    • Overview
    • Bot Intelligent analysis
    • Bot Basic Feature Management
    • Client Reputation
    • Active Detection
    • Custom Bot Rule
    • Bot Exception Rule
    • Related References
      • Action
  • Rules Template
  • IP and IP Segment Grouping
  • Origin Protection
  • Custom Response Page
  • Alarm Notification
  • SSL/TLS
    • Overview
    • Deploying/Updating SSL Certificate for A Domain Name
    • Configuring A Free Certificate for A Domain Name
    • HTTPS Configuration
      • Forced HTTPS Access
      • Enabling HSTS
      • SSL/TLS Security Configuration
        • Configuring SSL/TLS Security
        • TLS Versions and Cipher Suites
      • Enabling OCSP Stapling

Rules Template

Overview

When you have a large number of domains that need to be connected to EdgeOne Web Protection at the same time, if the protection policies required by the domains are exactly the same, when you need to modify the Web Protection policies, modifying them one by one will bring a large amount of maintenance workload.
EdgeOne's security protection provides you with a policy template function, which allows you to save security policies as templates and apply the template policies to specified domains. You can directly modify the corresponding security protection policies in the template management, and it will take effect on all domains that have applied this template, greatly reducing your operation and maintenance costs.
Note:
1. Policy templates only support Web Protection policies, Bot management policies, and custom error pages.
2. Using policy templates will overwrite the current domain's protection policies, and the current domain's protection policies will be lost.
3. After using the policy template, the temporary client list currently blocked in the intelligent CC attack defense will be cleared, and the newly added temporary blocked client list will not affect other domains in the policy template.




Directions

Binding Protection Template

Scenario 1: Create a new policy template and apply it to specified domains/sites

For example: You currently need to create a new policy template named "template" and apply this policy template to all domains within the site example.com. You can follow the steps below:
1. Log in to the EdgeOne console, click on the site list in the left menu bar, click on the site to be configured in the site list, and enter the site details page.
2. In the site details page, click on security protection > Protection templates to enter the policy template management interface.
3. In the left protection policy template, click on "New template", enter the template name, and press the carriage return key to create a new template.



4. After the creation is complete, click on the template name created in step 3 to enter the template editing page. You can complete the configuration and modification of related rules in this interface. For configuration, please refer to: Web Protection, Bot management.
5. Apply the configured policy template to the site, supporting the following three application methods:
current site: Apply the current policy template to the domain or all domains under the current site;
single sites: Apply the current policy template to the domain or all domains under other specified sites;
multiple sites: Apply the current policy template to multiple specified sites' domains or all domains. When batch applying to sites, wildcard expressions can be used to match domains. For example:
In this scenario, you need to apply this policy template to all domains within example.com. You can click on "Apply to Domains" in the template, select the application method as "Apply to Specified Site", and select the site as example.com, check "Apply to all domains under this site", and configure as follows:



6. Click save to complete the policy template application.

Scenario 2: Apply an existing template to newly added domains/sites

For example: You currently have a Web security protection policy template named "template" configured under the site example.com, and now a new domain named www.example.com has been added under the current site. The Web protection policy of this domain is exactly the same as the template "template". You can quickly apply the current policy template to this domain by using the template policy. You can follow the steps below:
Method 1: Operate in the policy template
Method 2: Operate in the protection configuration
1. Log in to the EdgeOne console, click on the site list in the left menu bar, click on the site to be configured in the site list, and enter the site details page.
2. In the site details page, click on security protection > Protection template to enter the policy template management interface.
3. Select the corresponding protection template, such as "template".
4. Click on "Apply to Domain", in this scenario, you can choose the application method as "Current Site", and select the domain in the domain list as www.example.com.



5. Click save to complete the policy template application.
1. Log in to the EdgeOne console, click on the site list in the left menu bar, click on the site to be configured in the site list, and enter the site details page.
2. In the site details page, select the protection module to be configured, for example, click on security protection > Web Protection to enter the Web Protection policy configuration page.
3. In the protection domain list, select the domain to be configured, such as: www.example.com.
4. Click on "Use Protection Template" in the upper right corner, and select the template policy to be applied, such as: "template".



5. Click OK to complete the template policy application.

Unbinding Protection Template

For example: You currently have a Web protection policy template named "template" bound to the domain www.example.com under the site example.com. If this domain has a personalized protection policy configuration that is different from other domains, you need to add a custom rule while retaining the current security configuration. You need to unbind the corresponding policy template to configure it. You can follow the steps below:
1. Log in to the EdgeOne console, click on the site list in the left menu bar, click on the site to be configured in the site list, and enter the site details page.
2. In the site details page, select the protection module to be configured, for example, click on security protection > Web Protection to enter the Web Protection policy configuration page.
3. In the left protection domain list, select the domain that needs to unbind the policy template, such as: www.example.com.
4. Domains bound to policy templates can only view configurations and cannot be modified. Click on "Remove Policy Template" and support two unbinding operations:
Retain current security policy: After unbinding, retain the security protection policy content configured by the current policy template.
Use empty package security policy: Clear all security policies and reconfigure.
In this scenario, you can choose to retain the current security policy information.



5. Click confirm to unbind.