CDNetworks ドキュメントに戻る
Cloud Security 2.0
CDNetworks ドキュメントセンター Cloud Security 2.0 User Guide Custom Rules

Custom Rules

最終更新日:2026-03-23 15:05:06

Custom rules are used to perform specified actions for requests that meet certain conditions. With custom rules, you can:

  • Handle scenarios not covered by standard policies.
  • Fix new vulnerabilities appearing on the website quickly by using custom rules as virtual patches.

Steps:

  1. Log in to the CDNetworks Console, find the security product in use under Subscribed Products.
  2. Go to Security Settings > Policies.
  3. Find the hostname for security policy configurations, and click Upcoming Updates to Product Navigation and Document Center .
  4. Go to Custom Rules tab. If this policy is off, turn it on.

Create a Custom Rule

  • On the Custom Rules tab. Click Create.
  • In Rule Name, enter a name for the custom rule.
  • If needed, input the Description.
  • Select the Protected Target. If you want to configure custom rules for a defined API, please select API; otherwise, please select Website.
  • At least one match condition must be configured. If multiple values can be entered for the same matching condition, the relationship between these values is “or”. Please separate different values by line breaks. Please separate different values with a new line. The supported matching conditions can be found in the Match Conditions.
  • If needed, add extra matching conditions for the rule by clicking “+”. Multiple conditions are strung together with an AND operator.
  • Select the Action for the rule.
  • Click Confirm.
  • Click Publish Changes to make the configuration take effect.

Examples

Example 1: Block low version UA. Configuration is as follows:

  • Rule Name: Block low version UA
  • Protected Target: Website
  • Match Conditions: User-Agent equals Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36
  • Action: Block

Example 2: Block requests with specific request headers. Configuration is as follows:

  • Rule Name: Block requests with specific request headers
  • Protected Target: Website
  • Match Conditions: Request Header Header Name: spider-name contains Header Value:crawlergo
  • Action: Block

Example 3: Prohibit requests with an empty Referer value. Configuration is as follows:

  • Rule Name: Prohibit requests with an empty Referer value
  • Protected Target: Website
  • Match Conditions: Referer has no value AND Path equals /getUserInfo
  • Action: Block

CDNetworks Inc., © 2025. 1840 Enterprise Way, Monrovia, CA 91016 – All rights reserved.