This chapter will introduce the relevant introduction to custom add protection rules:
In daily attack processing, due to the complexity of the website program structure, it will be targeted by some specific CC attacks. In this case, our system supports customization添加防护规则,该方案需要对CC防护结构精通熟悉.CC防护模块我们支持以下规则的匹配.支持多规则共同匹配.如图所示:
1. Browser proxy: Determine the User-Agent field in the HTTP request header
2. Number of browser proxies: Determine the number of User-Agents in the HTTP request header
3, domain name: Assuming that the user visits the https://www.example.com/abc?1=test, then the domain name is www.example.com
4. URL: Take https://www.example.com/abc?1=test as an example, the URL corresponds to/abc
5. URL with parameters: Take https://www.example.com/abc?1=test as an example, the corresponding value is/abc? 1 = test
6. Header parameter: A character that connects all Header Names (excluding Value) in the request with ",", but is limited by length and will be truncated
7. IP Ownership Country: The country corresponding to the user's Internet Protocol Address, such as China
8. Request methods: such as GET/POST/PUT...
The number of requests within 9 and 5 seconds: count on a cycle of 5 seconds, and add 1 to the number of requests for each request.
10. Number of requests within 10 seconds: Similar to the number of requests in 5 seconds, the reference period is 10 seconds
11, 10 seconds back to the source: 10 seconds as the reference period, the number of successful returns to the source