If the response time of your website increases due to DDoS attacks, you can enable the rate limiting feature. Rate limiting allows CDN edge nodes to identify IP addresses that frequently send requests to your website and block malicious requests. This reinforces website security.
This topic consists of the following sections:
Submit an application
You must apply for the rate limiting feature before you can use this feature. To apply
for this feature, you can join one of the following DingTalk groups:
- Group 1: 23184221. No more members can be added to the group.
- Group 2: 33298914. No more members can be added to the group.
- Group 3: 33137775. No more members can be added to the group.
- Group 4: 41552166.
Enable rate limiting
Add a custom rate limiting rule
Notice
- When you set Control Mode to Custom, you must add a custom rate limiting rule. Other control modes do not require custom rate limiting rules.
- You can add a maximum of five custom rate limiting rules.
Examples
The following table lists some configuration examples.
Scenario | Monitored object | Interval | Match Criteria | Action | TTL | Expected result |
---|---|---|---|---|---|---|
4xx or 5xx errors | IP | 10 seconds | "status_ratio|404">60% &&"count">50 |
Block | 10 minutes | If the percentage of the HTTP 404 status code among all HTTP status codes returned to the IP address reaches 60%, and the IP address initiates at least 50 requests, the IP address is blocked for 10 minutes. All requests from the IP address receive the HTTP 403 status code. |
Queries per second (QPS) anomalies | Domain name | 10 seconds | "count">N Note Specify a value for N based on your business requirements.
|
Bot Detection | 10 minutes | If the number of requests that are sent to the domain name reaches the value of N, bot deletion is triggered. Within the next 10 minutes, all requests sent to the domain name are verified. Requests are not allowed to access the domain name only if the requests pass human-machine identification. |
Related API operations
DescribeDomainCcActivityLog: queries log entries of rate limiting.