The Web Security Trends page provides visualized data to show the security status of your websites, including the requests trends and Top Rankings from different dimensions. page provides visualized data to show the security status of your websites, including the requests trends and Top Rankings from different dimensions.
Go to Web Security Trends:
- Log in to the CDNetworks Console, find the security product in use under Subscribed Products.
- Go to Analysis & Logs > Web Security Trends.
1. Filter data
You can select the Time Range, Control Group, Hostname, and Action as filters to query the data for more details.
Action Selection:
- Mitigated: Attack requests detected and scrubbed by CDNetworks.
- Monitored: Attack requests only detected and recorded in the Log by CDNetworks.
2. Trends Chart
Displays the trends of website requests change within the selected period.
Indicators on the top half of the chart:
- Total: Shows the number of incoming requests that has received by CDNetworks.
- Attack: Shows the number of incoming requests that has been identified as an attack by CDNetworks, including being cleaned and monitored requests.
- Whitelisted: Shows the number of requests that are allowed in the whitelist.
Indicators on the bottom half of the chart display the attack requests triggered by different policies, including IP/Geo Block, DDoS Protection, WAF, Bot Management, API Security, Threat Intelligence, Rate Limiting, and Custom Rules.
The chart supports viewing the trends by requests and by RPS (Request per Second).
3. Top Rankings
Different dimensions help you better analyze your websites traffic:
- Top Attack Targets: Displays the hostnames and paths that have been attacked the most, which can quickly locate which services have been attacked.
- Top Policies Triggered: Displays the number of requests detected by the security policies, which can know the most frequent type of attack.
- Top Attack Sources: Displays the top client IPs and countries/areas the illegal traffic comes from. If necessary, the illegal traffic from these client IPs or countries/areas can be blocked through IP/Geo Block.
- Top Rules Triggered: Display the top rules triggered to mitigate illegal traffic, including WAF Managed Rules, DDoS Managed Rules, Rate Limiting and Custom Rules. Please pay attention to situations where the proportion of monitored requests (as a percentage of total requests) is too high. You can click view log, and assess whether to adjust the security policy through log analysis.
- Top User-Agents Detected: Displays the top User-Agents that have been detected.
- Top Referers Detected: Display the top Referers that have been detected.