- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Description of 14-day Trial Plan Experience Benefits
- Billing Overview
- Basic Service Fees
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
- Renewals
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
- Getting Started
- Domain Service
- Site Acceleration
- Origin Configuration
- Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Example Overview
- 301 Redirect
- Obtaining Client URL Information
- Customization Based on Client Geo Location
- Obtaining Client Geo Location Information
- Batch Redirect
- Returning an HTML Page
- Returning a JSON Object
- Fetch Remote Resources
- Authenticating a Request Header
- Modifying a Response Header
- Performing an A/B Test
- Setting Cookies
- Performing Redirect Based on the Request Location
- Using the Cache API
- Caching POST Requests
- Responding in Streaming Mode
- Merging Resources and Responding in Streaming Mode
- Protecting Data from Tampering
- Rewriting a m3u8 File and Configuring Authentication
- Adaptive Image Resize
- Image Adaptive WebP
- Customize Referer restriction rules
- Remote Authentication
- HMAC Digital Signature
- Naming a Downloaded File
- Obtaining Client IP Address
- Practical Tutorial
- Security Protection
- Overview
- DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
- Web Protection
- Rules Template
- IP Groups
- Origin Protection
- Custom Response Page
- Alarm Notification
- Rule Engine
- L4 Proxy
- Data Analysis&Log Service
- Tool Guide
- Practical Tutorial
- Configuring EdgeOne Security Event Alarms via TCOP
- EdgeOne Resource Abuse Prevention
- EdgeOne Implementation of Session Persistence Based on Client IP Addresses
- EdgeOne Implementation of Origin-Pull Based on Client's Geo Location
- EdgeOne Hotlink Protection Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- EdgeOne Automatic Cache Purge
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Quickly Enabling HTTPS Access with EdgeOne Free Certificate
- Through traffic orchestration to multiple service providers
- EdgeOne facilitate APKs.s dynamic packaging of Android
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Acceleration Domain Management APIs
- Site Acceleration Configuration APIs
- Edge Function APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- CreateL4Proxy
- ModifyL4Proxy
- ModifyL4ProxyStatus
- DescribeL4Proxy
- DeleteL4Proxy
- CreateL4ProxyRules
- ModifyL4ProxyRules
- ModifyL4ProxyRulesStatus
- DescribeL4ProxyRules
- DeleteL4ProxyRules
- CreateApplicationProxy
- ModifyApplicationProxy
- ModifyApplicationProxyStatus
- DescribeApplicationProxies
- DeleteApplicationProxy
- CreateApplicationProxyRule
- ModifyApplicationProxyRule
- ModifyApplicationProxyRuleStatus
- DeleteApplicationProxyRule
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Load Balancing APIs
- Diagnostic Tool APIs
- Custom Response Page APIs
- Version Management APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- TEO Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Description of 14-day Trial Plan Experience Benefits
- Billing Overview
- Basic Service Fees
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
- Renewals
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
- Getting Started
- Domain Service
- Site Acceleration
- Origin Configuration
- Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Example Overview
- 301 Redirect
- Obtaining Client URL Information
- Customization Based on Client Geo Location
- Obtaining Client Geo Location Information
- Batch Redirect
- Returning an HTML Page
- Returning a JSON Object
- Fetch Remote Resources
- Authenticating a Request Header
- Modifying a Response Header
- Performing an A/B Test
- Setting Cookies
- Performing Redirect Based on the Request Location
- Using the Cache API
- Caching POST Requests
- Responding in Streaming Mode
- Merging Resources and Responding in Streaming Mode
- Protecting Data from Tampering
- Rewriting a m3u8 File and Configuring Authentication
- Adaptive Image Resize
- Image Adaptive WebP
- Customize Referer restriction rules
- Remote Authentication
- HMAC Digital Signature
- Naming a Downloaded File
- Obtaining Client IP Address
- Practical Tutorial
- Security Protection
- Overview
- DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
- Web Protection
- Rules Template
- IP Groups
- Origin Protection
- Custom Response Page
- Alarm Notification
- Rule Engine
- L4 Proxy
- Data Analysis&Log Service
- Tool Guide
- Practical Tutorial
- Configuring EdgeOne Security Event Alarms via TCOP
- EdgeOne Resource Abuse Prevention
- EdgeOne Implementation of Session Persistence Based on Client IP Addresses
- EdgeOne Implementation of Origin-Pull Based on Client's Geo Location
- EdgeOne Hotlink Protection Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- EdgeOne Automatic Cache Purge
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Quickly Enabling HTTPS Access with EdgeOne Free Certificate
- Through traffic orchestration to multiple service providers
- EdgeOne facilitate APKs.s dynamic packaging of Android
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Acceleration Domain Management APIs
- Site Acceleration Configuration APIs
- Edge Function APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- CreateL4Proxy
- ModifyL4Proxy
- ModifyL4ProxyStatus
- DescribeL4Proxy
- DeleteL4Proxy
- CreateL4ProxyRules
- ModifyL4ProxyRules
- ModifyL4ProxyRulesStatus
- DescribeL4ProxyRules
- DeleteL4ProxyRules
- CreateApplicationProxy
- ModifyApplicationProxy
- ModifyApplicationProxyStatus
- DescribeApplicationProxies
- DeleteApplicationProxy
- CreateApplicationProxyRule
- ModifyApplicationProxyRule
- ModifyApplicationProxyRuleStatus
- DeleteApplicationProxyRule
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Load Balancing APIs
- Diagnostic Tool APIs
- Custom Response Page APIs
- Version Management APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- TEO Policy
- Contact Us
- Glossary
Security protection provides secure policy configuration and security event alert options for applications integrating with EdgeOne. This helps you verify traffic and requests at the edge, preventing external attacks and security risks from impacting your business and sensitive data.
After integrating with EdgeOne's security acceleration service and subscribing to relevant security protection services, you can configure the following security policies:
Note:
DDoS protection is designed for network-layer defense against DDoS attacks and is suitable for L4 proxy applications (TCP/UDP applications). Configuration for DDoS protection is only available for users with Exclusive DDoS Protection Usage enabled.
If you need to configure Referer blocklist/allowlist, User-Agent (UA) blocklist/allowlist, IP blocklist/allowlist, or region blocking through Web protection, please navigate to Web Protection > Custom Rules >Basic Access Control. For more details, see Web Protection - Custom Rules.
The available rule configurations and execution methods may vary based on the EdgeOne plan you have subscribed to. See Comparison of EdgeOne Plans for package specifications.
Category | Function | Application Scenario | Default Configuration |
| | Automatic protection cleansing for DDoS attacks targeting L4 services (TCP/UDP applications). For example: Daily Protection: Utilize the Moderate protection level to discard traffic exhibiting clear DDoS attack characteristics. Emergency recovery during attack bypass: Implement the Strict protection level to discard all traffic suspected of DDoS attacks. | Protection Level: Moderate |
| | Discard or permit traffic from specified IP addresses. For example: Internal Call Permit: Permit the internal service IP 11.11.11.11, allowing high-frequency access between services. | None |
| | Block client access from specified regions. For example: Ban access from overseas: Discard traffic with source IPs located outside mainland China. | None |
| | Discard or allow traffic based on specified source/destination ports. For example: Discard high-risk reflection port: Drop traffic with source port matching UDP 53, prohibiting access to private UDP protocol applications. | None |
| | Discard traffic containing specified data or parameters. For example: Discard unusually long UDP packets: Discard UDP traffic with a length exceeding 500. | None |
| | Discard traffic of specified IP protocols. For example: Block external PING commands: Configure blocking of ICMP protocol traffic. | None |
| | Intercept abnormal TCP behaviors such as high-frequency connections and abnormal connections. | None |
| | Mitigate HTTP/HTTPS DDoS attacks, including high-frequency access and slow request attacks. | Adaptive Frequency Control Limit Level: Adaptive Loose - Disposal Method: JavaScript Challenge Slow Attack Protection Disabled Intelligent Client Filtering Disposal Method: JavaScript Challenge |
| | Intercept vulnerabilities targeting web applications (SQL injection, cross-site scripting, remote code execution, etc.). For example: Intercept Apache log4j vulnerabilities: Enable rules related to log4j vulnerabilities in open-source components for interception. | All rules are enabled for observation mode. |
| | Handle requests based on header content and IP. For example: Hotlink Protection: Intercept requests based on Referer header matching. Regional Blocking: Intercept requests from clients with IP matching specified regions. IP Blocklist: Intercept based on specified IP or IP groups. | None |
| | Intercept clients accessing beyond preset access rates. For example: Intercept clients causing a large number of errors in a short time at the origin: Set the rate allowed for each IP causing origin errors and intercept IP access beyond the threshold. Intercept account ID with excessively high access frequency to a specific API: Set the frequency allowed for each account (specified account ID position) to access a specific API, intercepting account access beyond the threshold. Intercept clients with excessively high access frequency fingerprints (JA3 fingerprints): Set the access rate for each JA3 fingerprint (i.e., TLS fingerprint) and intercept access with the same fingerprint beyond the threshold. | None |
| | Skip protection rules in web protection by module. For example: Allow internal services: Set the internal service IP list and specified API paths to allow clients on the list unrestricted access to that path. | None |
| | Skip specified managed rules. For example: Allow user content uploads: Configure business paths and false-positive rules to allow requests when parameters contain user-written content. | None |
| | Intercept bot requests based on risk levels. (Suitable for quickly enabling bot management strategies and establishing bot access profiles). For example: Intercept misuse of CDN resources (scraping): Intercept malicious bot requests. | None |
| | Handle crawlers for search engines, open-source development tools, and commercial purposes. For example: Allow Google search engine crawlers: Use search engine feature rule libraries to configure allowing Google search engine crawlers. Intercept cURL tool access: Use UA feature libraries to intercept access from web development tools. | None |
| | Handle requests from clients with a history of malicious behavior or high-risk characteristics based on IP threat intelligence. For example: Intercept VPN/proxy requests: Intercept clients identified as malicious proxies, fast-dial IPs, or proxy IP pools. | None |
| | Intercept requests with abnormal browser runtime environments and access behavior. For example: Cookie Challenge: Enable cookie verification to intercept clients not supporting cookies. Intercept automated tool access: Enable client behavior verification to identify JavaScript runtime environment anomalies and abnormal access behavior in automated tools. | None |
| | Counteract bot tools based on the features, headers, and client IP of requests. The feature provides more disposal options for bot counteraction. For example: Counteract high-risk bots accessing sensitive business: Match based on access paths and client profiles, configure observation, silent, and response after waiting with certain weights. | None |
Yes
No
Was this page helpful?