Skip to content

Advanced Path-Specific Configuration

Configuration Scenario

If you wish to apply IP allowlist/denylist or rate limiting to specific directories or URLs, Cloud Protection offers the Advanced Path-Specific Configuration feature. Through this configuration, you can implement rate limiting to prevent API attacks, among other scenarios.

Configuration Guide

View Configuration

Log in to the Cloud Protection console, navigate to the menu bar and select ​​[Domain Management]​​. Click ​​[Configure]​​ next to the domain name to enter the domain configuration page. Under ​​[Access Control]​​, you will find the Advanced Path-Specific Configuration, which is disabled by default:

img

Modify Configuration

  1. ​Modify Configuration​

Click ​​Add Path​​ to enter the Advanced Path-Specific Configuration page:

img

​Advanced Path-Specific Configuration​

  • ​Path Selection​​: Enter a directory or a complete URL.
  • ​Allowlist/Denylist​​: Supports IP ranges.

  • ​Rate Limiting​​: Requests exceeding the threshold will not be forwarded to the origin server. Cloud Protection will directly return a ​​429 status code​​.

  • ​Enable Configuration​

Toggle the switch to enable the added path rule:

img

  1. ​Disable Configuration​

Click the toggle button next to Advanced Path-Specific Configuration to disable it:

img

Configuration Example 1:

Limit requests to the /api/ path to a maximum of ​​3 requests per second per IP​​.

img

​Configuration Method​​:

  • ​Path Selection​​: Enter a custom rule name.
  • ​Rate Limit​​: Input the threshold value.
  • Click ​​Confirm​​.

Configuration Example 2:

Block IPs in the range ​​1.2.3.0/24​​ from accessing the /admin/index.php path.

img

​Configuration Method​​:

  • ​Rule Name​​: Enter a custom rule name.
  • ​Denylist​​: Input the IP range.
  • Click ​​Confirm​​.