Release Notes_Release Notes and Announcements_Flood Shield 2.0-Documentation

2026-01

Feature	Description	Release Date
Rate Limiting/Whitelist	A client list is added to the matching conditions. Users can consolidate client information requiring batch maintenance (such as enterprise egress IPs or partner IPs) into a single list for unified management, which simplifies configuration maintenance costs and improves management efficiency.	2026-01-15
Rate Limiting	The statistical granularity supports multi-dimensional combined counting. It enables free combined statistics based on multiple protection dimensions including IP, specified Cookies, URLs, User-Agents, and request headers, achieving more refined access frequency limiting. This addresses complex attack scenarios such as "the same IP polling different interfaces" and "the same IP switching Cookies", improves the accuracy of identifying malicious requests, and reduces the risk of false interception.	2026-01-15
Rate Limiting	Actions support IP blocking. When a request triggers the policy, it blocks all subsequent requests from the client’s IP, enabling rapid and automatic blocking of threats such as high-frequency attacks and scanning tools, reducing manual handling costs and improving real-time protection efficiency.	2026-01-15
Analysis & Logs - Web Security Trends	When performing security trends analysis, supports fixing one or more objects to help users improve the consistency and efficiency of the analysis process.	2026-01-15
Threat Intelligence	Supports configuring an IP whitelist to except specific IP requests from being blocked, precisely resolving false blocking issues caused by automated tool IPs of third-party partners, vendors, or data service providers that are included in the threat intelligence library.	2026-01-15
Whitelist	Added a new 'GEO' matching condition, allowing requests from specified regions to bypass filtering. This meets customer requirements for region-based whitelist controls.	2026-01-15
Bot Management	Added Kakao search engine crawler identification: Supports identifying official crawler traffic from the Kakao search engine, and can effectively identify abnormal or malicious requests disguised as Kakao crawlers for classification control. Optimize Yeti search engine crawler recognition: Update the User-Agent characteristics of Yeti search engine crawler, improve the accuracy and reliability of recognition. Through accurate crawler recognition and classification capabilities, it focuses on solving the problem of managing the traffic of local mainstream search engines (such as Kakao and Yeti) when conducting business in the Korean regional market.	2026-01-15
Security Report	Attack traffic information is added to L3/4 DDoS Attack, making protection effectiveness measurable and easy to interpret, and supporting internal security reviews and reporting tasks.	2026-01-15
DDoS Protection	Adjust the default protection level of Application-Layer DDoS for hostname access according to different customer types. It helps users select the appropriate default protection level according to their different risk characteristics and service scenarios, and reduce the probability of false negatives during initial access protection.	2026-01-15

2025-10

Feature	Description	Release Date
DDoS Protection	DDoS Protection level description adjustment. Added descriptions of scenarios for selecting each level to guide customers in selecting the appropriate protection level, Reducing the probability of false positives.	2025-10-09
Alert Management	Match WAF rule function changes, so that the entire protection process forms a closed-loop attack → monitoring → protection. Optimized the read and write permissions of custom rules for monitoring objects. Clearly distinguished the read and write permissions of the main and sub-accounts on monitoring objects.	2025-10-09
IP Groups	A new API has been added to query the resource group name/ID corresponding to a domain, allowing you to confirm resource group changes during DevOps processes, improving automated management efficiency.	2025-10-09

Feature

Description

Release Date

DDoS Protection

DDoS Protection level description adjustment. Added descriptions of scenarios for selecting each level to guide customers in selecting the appropriate protection level, Reducing the probability of false positives.

2025-10-09

Alert Management

Match WAF rule function changes, so that the entire protection process forms a closed-loop attack → monitoring → protection.

Optimized the read and write permissions of custom rules for monitoring objects. Clearly distinguished the read and write permissions of the main and sub-accounts on monitoring objects.

2025-10-09

IP Groups

A new API has been added to query the resource group name/ID corresponding to a domain, allowing you to confirm resource group changes during DevOps processes, improving automated management efficiency.

2025-10-09

2025-09

Feature	Description	Release Date
Bot Management	[New Feature] AI Bots Added 20+ new AI large-model crawler detection rules, which mainly provide you with the ability to intercept/monitor known AI bots with one click, preventing AI large-model crawlers from causing copyright theft or sensitive data leakage on your website. [Optimization function] Public Bots Optimize the original known bots classification management logic and enhance the coverage of known public bots, mainly providing you with the ability to release/intercept/monitor known public bots with one click, such as crawlers for website SEO, market analysis, website monitoring, etc. [Optimization function] Definite Bots We’ve optimized the original User-Agent feature detection management logic and added over 30 new fake spider (i.e., fake public bot) detection rules. These rules primarily allow you to one-click intercept/monitor traffic from non-public, clearly automated programs, such as automation frameworks, HTTP libraries, vulnerability scanners, proxy tools, fake spiders, and more. [Optimization function] Web Risk Detection-Application Request Whitelist The application request whitelist configuration path has been moved to the Web Risk Detection feature, and support for AJAX request exceptions has been added.	2025-09-13

Feature

Description

Release Date

Bot Management

[New Feature] AI Bots
Added 20+ new AI large-model crawler detection rules, which mainly provide you with the ability to intercept/monitor known AI bots with one click, preventing AI large-model crawlers from causing copyright theft or sensitive data leakage on your website.

[Optimization function] Public Bots
Optimize the original known bots classification management logic and enhance the coverage of known public bots, mainly providing you with the ability to release/intercept/monitor known public bots with one click, such as crawlers for website SEO, market analysis, website monitoring, etc.

[Optimization function] Definite Bots
We’ve optimized the original User-Agent feature detection management logic and added over 30 new fake spider (i.e., fake public bot) detection rules. These rules primarily allow you to one-click intercept/monitor traffic from non-public, clearly automated programs, such as automation frameworks, HTTP libraries, vulnerability scanners, proxy tools, fake spiders, and more.

[Optimization function] Web Risk Detection-Application Request Whitelist
The application request whitelist configuration path has been moved to the Web Risk Detection feature, and support for AJAX request exceptions has been added.

2025-09-13

2025-08

Feature	Description	Release Date
Analysis & Logs - Alert Management	Alert management function focuses on attack detection scenarios in security operations, and supports users to manage security-related alert rules and triggered historical events. Through this feature, users can flexibly adapt to security monitoring requirements: they can directly enable system predefined rule notifications or customize alert policies to achieve real-time awareness of business abnormal status; Meanwhile, users can also view alert history records to understand and trace back the attack situation.	2025-08-15

2025-07

Feature	Description	Release Date
Rate Limiting	Support interactive captcha. The client needs to check a certain checkbox for verification. Compared with the original captcha action, the interactive experience has been enhanced.	2025-07-18
WAF	The Scan Protection module supports Scanner Detection and Repeated Violation Detection, enhancing the effectiveness of scan protection and enabling customers to handle vulnerability scanning with ease.	2025-07-17

2025-06

Feature	Description	Release Date
Gaming Shield	The website group supports custom client detection and access domain order to facilitate compatibility with customers' operation strategies such as cultivating user access habits and avoid affecting business promotion.	2025-06-30
WAF	Added Managed Rules types in WAF: AI Component Framework Vulnerability and Mainland China-Developed Software Vulnerability.	2025-06-19

2025-05

Feature	Description	Release Date
DDoS Protection	Adaptive protection capability Improvement & Interaction experience upgrade.	2025-05-21

2025-02

Feature	Description	Release Date
Custom Rules	The conditions for Custom Rules have been enhanced with the addition of JA3 and JA4 fingerprints, allowing for more flexible rule configuration to precisely match specific client traffic.	2025-02-11

2025-01

Feature	Description	Release Date
IP/Geo Block, Rate Limiting, Custom Rules	The match condition "Region" now includes "Asia-China-unknown" to cover IP addresses within China that have not been assigned a specific location.	2025-01-21

Media Delivery

Cloud Security

Web Performance

Enterprise Application

Storage

Edge Computing

Console Guide

API Docs

Release Notes

2026-01

2025-10

2025-09

2025-08

2025-07

2025-06

2025-05

2025-02

2025-01

디렉토리