CDNetworks ドキュメントに戻る
Flood Shield 2.0
CDNetworks ドキュメントセンター Flood Shield 2.0 User Guide Basic Concepts

Basic Concepts

最終更新日:2026-02-04 17:28:26

This page introduces basic configuration concepts to help you configure security policies and protection rules.

Match Conditions

By defining match conditions, implement the request features to be detected by the specified security policy. Custom Rules, Rate Limiting, Whitelist, and other security policies use the same configuration structure. This page lists all currently available matching condition fields.

Field Description Supported Operator Case-Sensitive Match
 Supports Multiple Match Values
IP/CIDR Match or exclude specific client IP addresses, supporting both IPv4 and IPv6. equals - yes
does not equal - yes
Path Match the rules based on the specific path contained in the request. The path starts with "/", does not contain domain name and parameter information, for example: www.test.com/common/ecs/channel?code=1&type=2, the path is /common/ecs/channel. equals yes yes
does not equal yes yes
contains no yes
does not contain no yes
starts with no yes
ends with no yes
wildcard match no yes
wildcard mismatch no yes
regex match no no
regex mismatch no no
URI Match the rules based on the specific URI contained in the request. The URI starts with "/", contains parameter information, for example: /common/ecs/channel?code=1&type=2. equals yes yes
does not equal yes yes
contains no yes
does not contain no yes
starts with no yes
ends with no yes
wildcard match no yes
wildcard mismatch no yes
regex match no no
regex mismatch no no
User-Agent Match the rules based on the value of User-Agent. equals yes yes
does not equal yes yes
contains no yes
does not contain no yes
does not exist or has no value - -
starts with no yes
ends with no yes
wildcard match no yes
wildcard mismatch no yes
regex match no no
regex mismatch no no
Referer Match the rules based on the value of Referer. equals yes yes
does not equal yes yes
contains no yes
does not contain no yes
does not exist or has no value - -
starts with no yes
ends with no yes
wildcard match no yes
wildcard mismatch no yes
regex match no no
regex mismatch no no
Request Header Match the rules based on the value of a specific request header (the case of the request header name is insensitive). equals yes yes
does not equal yes yes
contains no yes
does not contain no yes
does not exist or has no value - -
starts with no yes
ends with no yes
wildcard match no yes
wildcard mismatch no yes
regex match no no
regex mismatch no no
Request Method Match or exclude specific request methods. equals - -
does not equal - -
Geo Match or exclude requests from specific regions. equals - -
does not equal - -
Response Code Match or exclude requests with specific status codes. Only the status codes in the response stage are counted. equals - -
does not equal - -

Add Rules

Items Description
Match Conditions Specify the scope of requests that need to be detected by the policy by specifying conditions such as paths, APIs, IP Addresses, and Request Header, etc.  
Client Identifier Specify the identity of the client, including Client IP, Cookie, Request Header, etc. 
Trigger Condition Specify the conditions that trigger the rule. 
Action Expiration Time When a policy is triggered, the expiration time defines the duration of the response action is maintained. This can limit requests that occur at a high rate.
Effective Time Period Specify The time when the rule takes effect. 

Deployment

Action Description
Publish Changes Please be caution, this action deploying the configuration of the current function item to the production environment. The deployment is expected to be completed in 2 minutes after the task is delivered.
Policy Duplicator Synchronize certain configuration to other hostnames simultaneously. This operation overwrites the corresponding configuration items of the selected hostname with the selected configuration items of the current domain name during deployment. 

CDNetworks Inc., © 2025. 1840 Enterprise Way, Monrovia, CA 91016 – All rights reserved.