You can configure additional security settings on the Settings page.
Feature description
Client IP definition
You can define the originating client IP addresses that match the Web Application Firewall (WAF) and bot management rules. By default, the client IP addresses that are used to connect to points of presence (POPs) are used. You can also add custom headers to clarify the client IP addresses.
In most cases, after you add your website to Edge Security Acceleration (ESA), your website is accelerated and protected by ESA. If no other proxy is deployed, client requests are directly forwarded to ESA POPs, and ESA can identify the real client IP address.
However, if you have deployed a third-party reverse proxy such as WAF, anti-DDoS, or websites with Edge Routine activated between the client and ESA, the proxy is directly connected to ESA POPs, and ESA cannot identify the real client IP address. In this case, you need to specify custom headers in the Client IP Definition section and write the IP information in the headers of your client requests. This way, ESA can obtain the real client IP address.
Procedure
Log on to the ESA console.
In the left-side navigation pane, click Websites.
On the Websites page, find the website that you want to manage, and click the website name or View Details in the Actions column.
In the left-side navigation tree, choose Security > Settings.
In the Client IP Definition section, click Configure.
Connect IP (default): the client IP address that is used to connect to ESA POPs.
Custom Header: Use custom headers to define the client IP address. Separate multiple headers with commas (,). You can enter up to five headers.
Click OK.
Security level
ESA checks whether incoming requests are malicious based on Alibaba Cloud's well-stocked threat intelligence library. Identified malicious requests are challenged based on the security level you configured. Only requests that pass the challenges can be served as expected. The following table describes the security levels.
Security level | Description |
Low | Challenges only requests from the IP addresses with the highest threat level. This is the default value. |
Medium | Challenges requests from IP addresses with a high threat level. We recommend that you select this option for websites that have high security requirements. |
High | Challenges requests from suspicious IP addresses. We recommend that you select this option only during major events. |
I'm Under Attack | Challenges all requests. We recommend that you select this option only when your website is under attack. |
Off (Available in Enterprise Plans) | Completely disables protection. This option is available only for customers on Enterprise plans. We recommend that you select this option only when there are unacceptable false positives. |
A higher security level may undermine the experience of legitimate visitors. You can flexibly adjust the security level based on the actual condition.
Procedure
Log on to the ESA console.
In the left-side navigation pane, click Websites.
On the Websites page, find the website that you want to manage, and click the website name or View Details in the Actions column.
In the left-side navigation tree, choose Security > Settings.
In the Security Level section, click Configure, and select a level from the drop-down list.
Click OK.