tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Cloud EdgeOne
    Documentation
    Download PDF

    Overview

    Last updated: 2024-04-16 16:30:16
    Download PDF
      Web Protection provides application layer protection for HTTP/HTTPS protocols. You can use EdgeOne's preset security policies or define your own security policies to identify and handle risky requests, protect sensitive data on your site, and ensure stable service operation.
      Note:
      EdgeOne does not charge for requests blocked by security policies.

      Applicable Scenarios

      Web Protection can control and mitigate various risks, with typical scenarios including:
      Vulnerability attack protection: For sites involving customer data or sensitive business data, you can enable managed rules to intercept injection attacks, cross-site scripting attacks, remote code execution attacks, and malicious attack requests from third-party component vulnerabilities.
      Access control: Distinguish between valid and unauthorized requests to prevent sensitive business exposure to unauthorized visitors. This includes external site link control, partner access control, and attack client filtering.
      Mitigating resource occupation: Limit the access frequency of each visitor to avoid excessive resource occupation, which may cause service availability decline. EdgeOne's CC attack protection and rate limiting can effectively mitigate site resource exhaustion and ensure stable service availability.
      Mitigating service abuse: Limit session or business dimension abuse, including batch registration, batch login, excessive use of API, and other malicious usage scenarios. Strengthen the usage quota of a single session (such as users, instances, etc.) to ensure that users use service resources within a reasonable limit.
      API parameter verification: Verify API parameters to ensure the legality of requests and control interface exposure risk.

      Features

      Web Protection provides the following features, and it is suggested to configure them based on the business type and expected client types for business:
      Note:
      Different protection modules' disposal order priority and the execution priority of the same priority rules within the module. For details, see Web Protection Requests Processing Order.
      Protection Module
      Function Introduction
      Identify attack features (including SQL injection, XSS attack, open source component vulnerability, etc.) in request headers or body, and apply the corresponding action. Rules are defined by EdgeOne and auto-renewal.
      Identify CC attacks (Layer 7 DDoS attack) and apply the corresponding action.
      Apply the corresponding action to requests that match the specified conditions.
      Count the number of requests that match the conditions within a certain period of time. When the number exceeds the specified threshold, the rule applies and handles the requests that match the conditions. After the number of requests falls below the threshold, the action remains effective for a certain period of time, and then no longer applies until triggered again.
      Identify non-human access behavior (bot clients) and apply the corresponding action based on bot client type or behavioral features.
      Requests that match the conditions skip the scanning of the specified security module and will not hit the rules in the corresponding module. For managed rules, more detailed exceptions can be configured to skip the scanning of specified managed rules.
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy