Edge Security
  • Overview
  • DDoS Protection
    • DDoS Protection Overview
    • Exclusive DDoS Protection Usage
    • Configuration of Exclusive DDoS protection Rules
      • Increase DDoS Protection Level
      • Exclusive DDoS Traffic Alarm
      • Configuration IP blocklist/allowlist
      • Configuration Region Blocking Rule
      • Configuration Port Filtering
      • Configuration Features Filtering
      • Configuration Protocol Blocking Rule
      • Configuration Connections Attack Protection
      • Related References
        • Action
        • Related Concepts Introduction
  • Web Protection
    • Overview
    • Managed rules
    • CC attack defense
    • Custom rule
    • Custom Rate Limiting Rules
    • Exception Rules
    • Managed Custom Rules
    • Web security monitoring alarm
    • Refer
      • Web Protection Request Processing Order
      • Action
      • Match Condition
  • Bot Management
    • Overview
    • Bot Intelligent analysis
    • Bot Basic Feature Management
    • Client Reputation
    • Active Detection
    • Custom Bot Rule
    • Bot Exception Rule
    • Related References
      • Action
  • Rules Template
  • IP and IP Segment Grouping
  • Origin Protection
  • Custom Response Page
  • Alarm Notification
  • SSL/TLS
    • Overview
    • Deploying/Updating SSL Certificate for A Domain Name
    • Configuring A Free Certificate for A Domain Name
    • HTTPS Configuration
      • Forced HTTPS Access
      • Enabling HSTS
      • SSL/TLS Security Configuration
        • Configuring SSL/TLS Security
        • TLS Versions and Cipher Suites
      • Enabling OCSP Stapling
이 페이지는 현재 영어로만 제공되며 한국어 버전은 곧 제공될 예정입니다. 기다려 주셔서 감사드립니다.

Overview

Web Protection provides application layer protection for HTTP/HTTPS protocols. You can use EdgeOne's preset security policies or define your own security policies to identify and handle risky requests, protect sensitive data on your site, and ensure stable service operation.
Note:
EdgeOne does not charge for requests blocked by security policies.

Applicable Scenarios

Web Protection can control and mitigate various risks, with typical scenarios including:
Vulnerability attack protection: For sites involving customer data or sensitive business data, you can enable managed rules to intercept injection attacks, cross-site scripting attacks, remote code execution attacks, and malicious attack requests from third-party component vulnerabilities.
Access control: Distinguish between valid and unauthorized requests to prevent sensitive business exposure to unauthorized visitors. This includes external site link control, partner access control, and attack client filtering.
Mitigating resource occupation: Limit the access frequency of each visitor to avoid excessive resource occupation, which may cause service availability decline. EdgeOne's rate limiting can effectively mitigate site resource exhaustion and ensure stable service availability.
Mitigating service abuse: Limit session or business dimension abuse, including batch registration, batch login, excessive use of API, and other malicious usage scenarios. Strengthen the usage quota of a single session (such as users, instances, etc.) to ensure that users use service resources within a reasonable limit.
API parameter verification: Verify API parameters to ensure the legality of requests and control interface exposure risk.

Features

Web Protection provides the following features, and it is suggested to configure them based on the business type and expected client types for business:
Note:
Different protection modules' disposal order priority and the execution priority of the same priority rules within the module. For details, see Web Protection Requests Processing Order.
Protection Module
Function Introduction
Requests that match the conditions skip the scanning of the specified security module and will not hit the rules in the corresponding module. For managed rules, more detailed exceptions can be configured to skip the scanning of specified managed rules.
Apply the corresponding action to requests that match the specified conditions.
Identify CC attacks (Layer 7 DDoS attack) and apply the corresponding action.
Count the number of requests that match the conditions within a certain period of time. When the number exceeds the specified threshold, the rule applies and handles the requests that match the conditions. After the number of requests falls below the threshold, the action remains effective for a certain period of time, and then no longer applies until triggered again.
Identify non-human access behavior (bot clients) and apply the corresponding action based on bot client type or behavioral features.
Identify attack features (including SQL injection, XSS attack, open source component vulnerability, etc.) in request headers or body, and apply the corresponding action. Rules are defined by EdgeOne and auto-renewal.