Learn about our DDoS protection module's various action methods and processing rules. Choose from Deny, Allow, Discard and block, or Continue protection to safeguard your network. Discover how our module enhances security and performance.

DDoS Protection: Multiple Action Methods & Processing Rules

The DDoS protection module provides multiple action methods. The processing rules for different actions are as follows:

Overview

概述

Quickly Import and Export Site Configuration

Token Authentication

Token 鉴权

Access Control

访问控制

Smart Acceleration

智能加速

Smart Compression

智能压缩

File Optimization

文件优化

HTTP/2

 HTTP/3(QUIC)

IPv6 Access

IPv6 访问

Maximum Upload Size

最大上传大小

WebSocket

Client IP Geolocation Header

携带客户端 IP 头部回源

Client IP Geographical Location

携带客户端 IP 地理位置头部回源

gRPC

开启 gRPC

Network Optimization

网络优化

Access URL Redirection

访问 URL 重定向

Origin-Pull URL Rewrite

回源 URL 重写

URL Rewrite

URL 重写

Modifying HTTP Response Headers

修改 HTTP 节点响应头

Modifying HTTP Request Headers

修改 HTTP 回源请求头

Modifying Header

修改头部

Custom Error Page

自定义错误页面

Processing order

请求处理顺序

Default HTTP Headers of Origin-Pull Requests

EdgeOne 默认 HTTP 回源请求头

Default HTTP Response Headers

EdgeOne 默认 HTTP 响应头

Request and Response Actions

请求与响应行为

Audio and Video Pre-pulling

Just-in-Time Image Processing

Just-in-Time Media Processing

VOD Media Origin

Media Services

Site Acceleration

站点加速

Creating an L4 Proxy Instance

新建四层代理实例

Modifying an L4 Proxy Instance

修改四层代理实例配置

Disabling or Deleting an L4 Proxy Instance

停用/删除四层代理实例

Batch Configuring Forwarding Rules

批量配置转发规则

Obtaining Real TCP Client IPs via TOA

通过 TOA 获取 TCP 协议客户端真实 IP

Obtaining Real Client IPs Through Protocol V1/V2

通过 Proxy Protocol V1/V2 协议获取客户端真实 IP

Transmitting Client Real IP via SPP Protocol

通过 SPP 协议传递客户端真实 IP

Obtaining Real Client IPs

获取客户端真实IP

L4 Proxy

四层代理

Modifying DNS Servers

修改 DNS 服务器

Configuring DNS Records

配置域名 DNS 解析记录

Advanced DNS Configuration

DNS 高级配置

 Hosting DNS Records

托管域名 DNS 解析

Adding A Domain Name for Acceleration

添加加速域名

Ownership Verification

站点/域名归属权验证

Modifying CNAME Records

修改 CNAME 解析

Domain Connection

接入加速域名

Configuration Guide

配置指南

Batch Connecting SaaS Domain Names

通过别称域名批量接入 SaaS 建站域名

Configuring Alias Domain Names for Disaster Recovery

别称域名实现业务的容灾

Domain alias

别称域名

Traffic Scheduling Management

流量调度管理

Traffic Scheduling

流量调度

Origin-pull configuration

回源配置

Load Balancing

负载均衡

Origin Group Configuration

源站组操作指引

Related References

Collect EdgeOne origin-pull node IP

获取 EdgeOne 回源节点 IP

Origin Configuration

源站配置

Edge DNS

边缘 DNS

Content Cache Rules

EdgeOne 内容缓存规则

Cache Key Introduction

缓存键（Cache Key）介绍

Vary Feature

Vary 特性

EdgeOne Cache Rules

EdgeOne 缓存规则介绍

Custom Cache Key

自定义 Cache Key

Node Cache TTL

节点缓存 TTL

Status Code Cache TTL

状态码缓存 TTL

Browser Cache TTL

浏览器缓存 TTL

Offline Caching

离线缓存

Cache Prefresh

缓存预刷新

Cache Configuration

缓存配置

Cache Purge

清除缓存

URL Pre-Warming

预热缓存

Clear and Preheat Cach

清除和预热缓存

How to improve the Cache Hit Rate of EdgeOne

如何提高 EdgeOne 的缓存命中率

Edge Cache

边缘缓存

Supported Matching Types and Actions

规则引擎支持的匹配类型与操作

Rule Management

规则管理

variables

变量

Rules Engine

规则引擎

Edge Acceleration

边缘加速

DDoS Protection Overview

DDoS 防护概述

Exclusive DDoS Protection Usage

使用独立 DDoS 防护

Increase DDoS Protection Level

调整 DDoS 防护等级

Exclusive DDoS Traffic Alarm

独立 DDoS 攻击流量告警

Configuration IP blocklist/allowlist

配置 IP 黑白名单

Configuration Region Blocking Rule

配置区域封禁

Configuration Port Filtering

配置端口过滤

Configuration Features Filtering

配置特征过滤

Configuration Protocol Blocking Rule

配置协议封禁

Configuration Connections Attack Protection

配置连接类攻击防护

Configuration of Exclusive DDoS protection Rules

配置独立 DDoS 防护策略

DDoS Protection

DDoS 防护

Managed rules

托管规则

CC attack defense

CC 攻击防护

Custom rule

自定义规则

Custom Rate Limiting Rules

自定义速率限制规则

Exception Rules

防护例外规则

Managed Custom Rules

托管定制规则

Web security monitoring alarm

Web 安全监控告警

Web Protection

Web 防护

Edge Security

边缘安全

Action

Action	Action Description	Subsequent Actions
Deny	Directly discard the request data package and do not continue to match other rules	None
Allow	Directly pass the request data package and do not continue to match other rules	None
Discard and block	Directly discard the request data package and add the IP to the backend blocklist	None
Continue protection	Continue to execute and match other rules	ontinue to match other rules in order