:original_name: waf_06_0001.html

.. _waf_06_0001:

Configuring CC Attack Protection
================================

-  :ref:`Overview <waf_06_0002>`
   This section guides you through configuring IP address-based rate limiting and cookie-based protection rules against Challenge Collapsar (CC) attacks.
-  :ref:`IP Address-based Rate Limiting <waf_06_0003>`
   If no proxy is used between WAF and web visitors, limiting source IP addresses is an effective way to detect attacks. IP address-based rate limiting policies are recommended.
-  :ref:`Cookie-based CC Attack Protection <waf_06_0004>`
   In some cases, it may be difficult to obtain source IP addresses of visitors for a website. For example, websites use proxies that do not use the **X-Forwarded-For** HTTP header field. The cookie field should be configured to identify visitors and **All WAF instances** should be enabled for precise user-based rate limiting.
-  :ref:`Restricting Malicious Requests in Promotions by Using Cookies and HWWAFSESID <waf_06_0031>`

.. toctree::
   :maxdepth: 1
   :hidden: 

   overview
   ip_address-based_rate_limiting
   cookie-based_cc_attack_protection
   restricting_malicious_requests_in_promotions_by_using_cookies_and_hwwafsesid