Basic Concept
최신 업데이트:2024-08-13 18:10:27
Rule Actions
In response to triggering rules, you can specify the response to be executed when a rule or security policy is triggered. You can choose from predefined actions or provide a custom response for denied operations. The supported actions include:
| Rule Action | Description | DDoS Protection | Web Protection | Bot Mgmt | API Security | Threat Intelligence | Rate Limiting | Custom Rule |
|---|---|---|---|---|---|---|---|---|
| Deny | Deny requests by a default 403 response. | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Log | Only log requests and continue further detection. | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Not Used | Do not this rule take effects. | Yes | Yes | Yes | Yes | Yes | Yes | |
| Skip | Do not execute this detection as well as the further detection. | Yes | ||||||
| Delay | Delay responses to client by 3 seconds. | Yes | Yes | Yes | ||||
| Deny Connection | Reset established TCP connections with client and do not recieve new connections from the same client IP. | Yes | ||||||
| Reset Connection | Send a RST to client to close established TCP connection, without responding HTTP request. | Yes | Yes | Yes | ||||
| Cookie Challenge | Respond a 302 redirect response with the Set-Cookie header to verify if client supports cookie. Only applicable to Web/H5 applications accessed from browser. | Yes | ||||||
| JavaScript Challenge | Respond a JavaScript code to verify if client supports JavaScript. Only applicable to HTML requests of Web/H5 applications. | Yes | ||||||
| DDoS Managed Challenge | Respond adaptive Cookie or JavaScript challenge action based on request content type, only available for some of DDoS managed rules. | Yes | ||||||
| Bot Managed Challenge | Not an optional action, respond adaptive Cookie or JavaScript authentication on GET requests only when the Web Bot Detection is intercepted. | Yes |
Add Rules
| Items | Description |
|---|---|
| Match Conditions | Specify the scope of requests that need to be detected by the policy by specifying conditions such as paths, APIs, IP Addresses, and Request Header, etc. |
| Client Identifier | Specify the identity of the client, including Client IP, Cookie, Request Header, etc. |
| Trigger Condition | Specify the conditions that trigger the rule. |
| Action Expiration Time | When a policy is triggered, the expiration time defines the duration of the response action is maintained. This can limit requests that occur at a high rate. |
| Effective Time Period | Specify The time when the rule takes effect. |
Deployment
| Action | Description |
|---|---|
| Publish Changes | Please be caution, this action deploying the configuration of the current function item to the production environment. The deployment is expected to be completed in 2 minutes after the task is delivered. |
| Policy Duplicator | Synchronize certain configuration to other hostnames simultaneously. This operation overwrites the corresponding configuration items of the selected hostname with the selected configuration items of the current domain name during deployment. |
이 문서의 내용이 도움이 되었습니까?
예
아니오