CDNetworks ドキュメントに戻る
Cloud Security 2.0
CDNetworks ドキュメントセンター Cloud Security 2.0 User Guide Set App/API Exceptions

Set App/API Exceptions

最終更新日:2026-03-19 15:12:33

Managed rules with the action “DDoS Managed Challenge” will perform Cookie Challenge or JavaScript Challenge, and is only applicable to Web/H5 type websites. If your website is a native App/hybrid App/callback API or others, you need to make an exception for the request features of the App/API requests to reduce false positives.

Type Description Need to add an exception? Note
Native App Developed by using the official development languages, development libraries, and tools of Android and iOS Platform. For example, Android’s Java language and iOS’s Objective-C language. Generally no exceptions are needed. The managed rule whose action is “DDoS Managed Challenge” only takes effect for the browser’s User-Agent (Mozilla or Opera). For a native app with the browser’s User-Agent, you need to add exceptions.
Hybrid App It uses the development technology of native app and also applies HTML5 development technology, involving the features of both native APP and HTML5. An exception is required. Exceptions should be made based on the request features of the hybrid APP. When native page requests and HTML5 page requests have distinctly different features, it is recommended to only make exceptions for the request features of native pages, such as User-Agent=AppName/1.0.0 (Android; 10; Pixel 3) okhttp/3.8.1.
Callback API When a certain event occurs, the system automatically calls the registered callback function to process the related data. Such as payment callback API, data sync callback API, etc. An exception is required. Exceptions should be made based on the request features of your callback API, such as URI=/api/callback.
Other APIs Other APIs that do not support “DDoS Managed Challenge”. An exception is required. Exceptions should be made based on the API request features, such as URI=/api/other.

Add App/API Exceptions

  1. Log in to the CDNetworks Console, find the security product in use under Subscribed Products.
  2. Go to Security part: Configurations > Shared Configurations.
  3. Under the App/API Exceptions tab, click Create.
  4. Choose the Type according to the actual business situation, input the App/API Name, and set the Match Conditions.
  5. Click Confirm after the configuration is complete.
  6. For each entry, click image.png to associate the hostnames.
  7. On the Associate hostname page, select hostnames you want to apply from the left Selectable part to right Selected part.
  8. Click Confirm.

CDNetworks Inc., © 2025. 1840 Enterprise Way, Monrovia, CA 91016 – All rights reserved.