CDN 用戶操作
CDN User Guide
CDN User Guide
  • Domain Management
    • Add Domain
    • Batch Modify Upstream
    • Batch Remove Specific Domains
    • Export Site Records
  • Modules
    • Site Certificate
    • Token Auth
    • Custom Header
    • Redirects
    • CORS Setting
    • Proxy Rewrite
  • Site Settings
    • Cache Setting
    • Compress
    • Rates Limit
    • DNS API
    • Ports
  • Firewall
    • Whitelist Setting
    • Blacklist Setting
    • Positions Setting
    • Anti CC Setting
    • Interval Freq. Limit
    • Second Freq. Limit
    • User Agent Setting
  • ACL
  • Block List
  • Error Pages
  • Site Info.
Powered by GitBook
On this page
  • How to Set Up Second Freq. Limit ?
  • Second Freq. Limit Field Descriptions
  • Blocking Example:
  1. Firewall

Second Freq. Limit

PreviousInterval Freq. LimitNextUser Agent Setting

Last updated 6 months ago

Compared to Regional Frequency Settings, Second-Level Frequency Settings allow for more granular control over CC attacks measured in seconds.

How to Set Up Second Freq. Limit ?

  • Sites → Sites Settings → Firewall → Second Freq. Limit → Create

Second Freq. Limit Field Descriptions

  • URL: The domain you want to limit. Use .* if you want to apply to the entire site.

  • Number of Requests: The allowed number of concurrent connections from the same IP within one second.

  • Burst: If the number of connections from the same IP within one second exceeds the set number of requests, this field will limit the access speed.

  • Protect Mode:

    • If the access frequency from the same IP in one second exceeds both the number of requests and the burst value, blocking will occur:

      • DENY: Rejects the IP connection, responding with HTTP status code 929.

      • DROP: Drops packets from the source IP that triggers the frequency limit, showing an ERR_CONNECTION_RESET error.

      • DROP + Blacklist: Drops packets and adds the source IP to a blacklist, which can be checked in Firewall > Block List.

  • Block Duration: Measured in seconds, e.g., 300 means 5 minutes.

Blocking Example:

  • Under normal conditions without restrictions, the connection rate would be:

  • For the test domain, set the number of requests to 5 and the burst number to 2. If these limits are exceeded, the response will be DENY.

  • At this point, you would observe that the response time per second is longer than the original response time.

  • Open an additional terminal for testing to check if there's blocking after exceeding the limit: