Edge Security
  • DDoS and Web Protection
    • Overview
    • DDoS Protection
      • DDoS Protection Overview
      • Exclusive DDoS Protection Usage
      • Configuration of Exclusive DDoS protection Rules
        • Increase DDoS Protection Level
        • Configuration IP blocklist/allowlist
        • Configuration Region Blocking Rule
        • Configuration Port Filtering
        • Configuration Features Filtering
        • Configuration Protocol Blocking Rule
        • Configuration Connections Attack Protection
        • Exclusive DDoS Traffic Alarm
        • Related References
          • DDoS Protection Processing Order
          • Action
          • Related Concepts Introduction
      • Related References
        • DDoS Protection Console Update (2026-01-12)
    • Web Protection
      • Overview
      • Configuring Web Protection Policy
      • Custom rule
      • Rate Limiting
        • Bandwidth Abuse Protection
        • CC attack defense
        • Custom Rate Limiting Rules
      • Hosting Rules
        • Managed rules
        • High-Frequency Scan Protection
      • Exception Rules
      • Managed Custom Rules
      • Web security monitoring alarm
      • Related References
        • Web Protection Request Processing Order
        • Action
        • Match Condition
    • Bot Management
      • Overview
      • AI Crawler Control
      • Bot Intelligent analysis
      • Bot Basic Feature Management
      • Client Reputation
      • Active Detection
      • Custom Bot Rule
      • Client authentication (Beta)
        • Overview
        • Attestation Flow
        • Integration Guidelines
          • Step 1: Configure Authentication Method
          • Step 2: Integrate Client Authentication
            • Browser & WebView Integration
            • iOS Integration
            • iOS Integration
            • Mobile Integration References
          • Step 3: Configure Client Attestation Rules
          • Step 4: Verify Client Attestation
      • Related References
        • Action
    • API Discovery(Beta)
Docs Overview/
Edge Security/
DDoS and Web Protection/
DDoS Protection/
Configuration of Exclusive DDoS protection Rules/
Related References/
DDoS Protection Processing Order/

DDoS Protection Processing Order

DDoS protection provides flexible DDoS custom protection policy for your business protection needs. You can configure flexible policies based on special business characteristics to handle ever-changing attack techniques. For layer 4 proxy instances, it supports the following custom rule configuration capability:
Protection Module
Feature Description
Limit access to EdgeOne sites via IP blocklist and allowlist match when attacking.
Limit access to EdgeOne sites by restricting specified ports with custom port rules during DDoS attacks.
Configurable to only allow users through specified protocol to access EdgeOne site.
Support for protection against connection-based attacks, with auto-block for clients showing abnormal connect behavior.
Support custom policies targeting the characteristics of IP, TCP, and UDP packet headers or payloads in DDoS attacks.
Limit access to EdgeOne sites via matching region in DDoS attacks.
Note:
1. L3/4 DDoS protection policies are only available for L4 proxy instances with advanced or ultimate protection levels. They cannot be configured for other scenarios.
2. When access traffic matches policies of multiple protection modules at the same time, EO will process them by the module order shown in the table.