Configuring CC Attack Protection

  • Overview <waf_06_0002> This section guides you through configuring IP address-based rate limiting and cookie-based protection rules against Challenge Collapsar (CC) attacks.
  • IP Address-based Rate Limiting <waf_06_0003> If no proxy is used between WAF and web visitors, limiting source IP addresses is an effective way to detect attacks. IP address-based rate limiting policies are recommended.
  • Cookie-based CC Attack Protection <waf_06_0004> In some cases, it may be difficult to obtain the source IP addresses of a website's visitors. For example, the website may use proxies that do not use the X-Forwarded-For HTTP header field. In such cases, the cookie field should be configured to identify visitors, and All WAF instances should be enabled for precise user-based rate limiting.
  • Restricting Malicious Requests in Promotions by Using Cookies and HWWAFSESID <waf_06_0031>
