Edge Security
  • Overview
  • DDoS Protection
    • DDoS Protection Overview
    • Exclusive DDoS Protection Usage
    • Configuration of Exclusive DDoS protection Rules
      • Increase DDoS Protection Level
      • Exclusive DDoS Traffic Alarm
      • Configuration IP blocklist/allowlist
      • Configuration Region Blocking Rule
      • Configuration Port Filtering
      • Configuration Features Filtering
      • Configuration Protocol Blocking Rule
      • Configuration Connections Attack Protection
      • Related References
        • Action
        • Related Concepts Introduction
  • Web Protection
    • Overview
    • Managed rules
    • CC attack defense
    • Custom rule
    • Custom Rate Limiting Rules
    • Exception Rules
    • Managed Custom Rules
    • Web security monitoring alarm
    • Refer
      • Web Protection Request Processing Order
      • Action
      • Match Condition
  • Bot Management
    • Overview
    • Bot Intelligent analysis
    • Bot Basic Feature Management
    • Client Reputation
    • Active Detection
    • Custom Bot Rule
    • Bot Exception Rule
    • Related References
      • Action
  • Rules Template
  • IP and IP Segment Grouping
  • Origin Protection
  • Custom Response Page
  • Alarm Notification
  • SSL/TLS
    • Overview
    • Deploying/Updating SSL Certificate for A Domain Name
    • Configuring A Free Certificate for A Domain Name
    • HTTPS Configuration
      • Forced HTTPS Access
      • Enabling HSTS
      • SSL/TLS Security Configuration
        • Configuring SSL/TLS Security
        • TLS Versions and Cipher Suites
      • Enabling OCSP Stapling
이 페이지는 현재 영어로만 제공되며 한국어 버전은 곧 제공될 예정입니다. 기다려 주셔서 감사드립니다.

Increase DDoS Protection Level

The Protection level is the default protection template provided by EdgeOne DDoS protection. DDoS protection will automatically intercept traffic attacks that match the features according to the protection level. The following are the protection strategy descriptions for each protection level:
Note:
This function is only supported when the L4 proxy is enabled for Exclusive DDoS protection. The default platform protection and L7 site Exclusive DDoS protection do not support configuration.

Protection strategies for each protection level

Comparison items
Loose
The cleaning strategy is relatively loose, and only attack packets with clear attack features are protected. It is suggested to enable when false interception is suspected, and complex attacks may penetrate.
Moderate (default)
The cleaning strategy adapts to the vast majority of businesses and can effectively protect against common attacks. DDoS protection defaults to moderate mode.
Strict
The cleaning strategy is relatively strict, and it is recommended to use when attack penetration occurs in normal mode.
Data packets with clear attack features
SYN data package
Filter
Filter
Filter
ACK data package
Filter
Filter
Filter
UDP data package
Filter
Filter
Filter
Data packets not conforming to protocol specifications
TCP data package
Filter
Filter
Filter
UDP data package
Filter
Filter
Filter
ICMP data package
Filter
Filter
Filter
Attack data packets based on threat intelligence
Not filter
Filter
Filter
Active verification of some access source IP
Not filter
Filter
Filter
ICMP attack packet
Not filter
Not filter
Filter

Adjust protection level

If your business has the following two situations, it is recommended that you adjust the protection level:
During the current business operation, if there is false interception in the Log analytics, in order to ensure the availability of the business, you can reduce the protection strategy level to Loose;
During the current business operation, if there is still attack penetration to the origin under the Moderate protection level, it is recommended that you increase the protection level to Strict.
You can follow the steps below to adjust:
1. Log in to the EdgeOne console, click on the site list in the left menu bar, and click on the site to be configured in the site list to enter the site details page.
2. On the site details page, click Security protection > DDoS protection to enter the DDoS protection detail page.
3. In the L4 proxy protection tab, select the L4 proxy protection instance that needs to be configured, and click Security configuration.
4. Find the L3/4 DDoS Protection level card, click Set, and adjust the protection level;