HTTP DDoS managed ruleset · DDoS protection

HTTP DDoS managed ruleset - 2023-11-29

Wednesday, Nov 29, 2023

Rule ID	Description	Previous Action	New Action	Notes
...8ed59b32	HTTP requests with unusual HTTP headers or URI path (signature #61).	ddos_dynamic	ddos_dynamic	Rename rule to avoid confusion.
...61e8d513	Global L7 WordPress attack mitigations (Deprecated)	ddos_dynamic	ddos_dynamic	Mark rule as deprecated.

HTTP DDoS managed ruleset - 2023-11-22

Wednesday, Nov 22, 2023

Rule ID	Description	Previous Action	New Action	Notes
...254da96a	HTTP requests with unusual HTTP headers or URI path (signature #58).	log	block

HTTP DDoS managed ruleset - 2023-11-13 - Emergency

Monday, Nov 13, 2023

Rule ID	Description	Previous Action	New Action	Notes
...22807318	HTTP requests from known botnets.	ddos_dynamic	ddos_dynamic	Improve this filter to catch more attacks.
...6fe7a312	HTTP requests from known botnet (signature #70).	block	block
...7c7a2f25	HTTP requests from known botnet (signature #74).	N/A	block
...d2f294d7	HTTP requests trying to impersonate browsers.	ddos_dynamic	ddos_dynamic

HTTP DDoS managed ruleset - 2023-11-10 - Emergency

Friday, Nov 10, 2023

Rule ID	Description	Previous Action	New Action	Notes
...7d0f1e5f	HTTP requests from known botnet (signature #72).	N/A	block
...94547a95	HTTP requests with unusual HTTP headers or URI path (signature #59).	N/A	ddos_dynamic
...e269dfd6	HTTP requests with unusual HTTP headers or URI path (signature #56).	log	block	Enable filter early to mitigate widespread impact.
...f35a42a0	HTTP requests with unusual HTTP headers or URI path (signature #57).	log	block	Enable filter early to mitigate widespread impact.

HTTP DDoS managed ruleset - Scheduled changes

Monday, Oct 30, 2023

Announcement Date	Change Date	Rule ID	Description	Previous Action	New Action	Notes
N/A	N/A	N/A	N/A	N/A	N/A	N/A

HTTP DDoS managed ruleset - 2023-10-19

Thursday, Oct 19, 2023

Rule ID	Description	Previous Action	New Action	Notes
...61bc58d5	HTTP requests with unusual HTTP headers or URI path (signature #55).	ddos_dynamic	ddos_dynamic	Requests will be challenged by default, larger attacks are blocked.

HTTP DDoS managed ruleset - 2023-10-11

Wednesday, Oct 11, 2023

Rule ID	Description	Previous Action	New Action	Notes
...35675e08	HTTP requests with unusual HTTP headers or URI path (signature #24).	block	block	This rule can cause rare false positives with custom apps sending invalid headers.

HTTP DDoS managed ruleset - 2023-10-09 - Emergency

Monday, Oct 9, 2023

Rule ID	Description	Previous Action	New Action
...02bbdce1	HTTP requests with unusual HTTP headers or URI path (signature #47).	N/A	block
...493cb8a8	HTTP requests with unusual HTTP headers or URI path (signature #52).	N/A	block
...5c344623	HTTP requests from uncommon clients	N/A	block
...6363bb1b	HTTP requests with unusual HTTP headers or URI path (signature #48).	N/A	block
...c1fbd175	HTTP requests trying to impersonate browsers (pattern #4).	N/A	block

HTTP DDoS managed ruleset - 2023-09-24 - Emergency

Sunday, Sep 24, 2023

Rule ID	Description	Previous Action	New Action	Notes
...0fb54442	HTTP requests with unusual HTTP headers or URI path (signature #49).	N/A	block
...3dd5f188	HTTP requests from known botnet (signature #71).	N/A	block
...97003a74	HTTP requests with unusual HTTP headers or URI path (signature #17).	block	block	Expand rule to catch more attacks.

HTTP DDoS managed ruleset - 2023-09-21 - Emergency

Thursday, Sep 21, 2023

Rule ID	Description	Previous Action	New Action	Notes
...1d73128d	HTTP requests from known botnet (signature #56).	block	block	Make the rule customizable as it might cause false positive in rare cases.
...4a95ba67	HTTP requests with unusual HTTP headers or URI path (signature #32).	ddos_dynamic	ddos_dynamic	Expand the scope of the rule to catch more attacks.
...6fe7a312	HTTP requests from known botnet (signature #70).	block	block	Update the rule to remove some rare false positives.

HTTP DDoS managed ruleset - 2023-09-05 - Emergency

Tuesday, Sep 5, 2023

Rule ID	Description	Previous Action	New Action	Notes
...22807318	HTTP requests from known botnets.	ddos_dynamic	ddos_dynamic	Expand filter to catch attacks more comprehensively.
...4346874d	HTTP requests with unusual HTTP headers or URI path (signature #46).	N/A	block
...6fe7a312	HTTP requests from known botnet (signature #70).	N/A	block	Expand filter to catch more attacks. It is now configurable.

HTTP DDoS managed ruleset - 2023-08-30 - Emergency

Wednesday, Aug 30, 2023

Rule ID	Description	Previous Action	New Action	Notes
...22807318	HTTP requests from known botnets.	ddos_dynamic	ddos_dynamic
...46082508	HTTP requests with unusual HTTP headers or URI path (signature #45).	N/A	block

HTTP DDoS managed ruleset - 2023-08-29 - Emergency

Tuesday, Aug 29, 2023

Rule ID	Description	Previous Action	New Action	Notes
...22807318	HTTP requests from known botnets.	managed_challenge	ddos_dynamic
...3fe55678	HTTP requests with unusual HTTP headers or URI path (signature #44).	N/A	block

HTTP DDoS managed ruleset - 2023-08-25 - Emergency

Friday, Aug 25, 2023

Rule ID	Description	Previous Action	New Action	Notes
...20c5afb5	HTTP requests with unusual HTTP headers or URI path (signature #36).	block	block	This rule was previously readonly, but can cause false positives in rare cases. It is now possible to override it.
...cb26e2e2	HTTP requests from known botnet (signature #69).	N/A	block
...ebff5ef1	HTTP requests with unusual HTTP headers or URI path (signature #43).	N/A	block

HTTP DDoS managed ruleset - 2023-08-16 - Emergency

Wednesday, Aug 16, 2023

Rule ID	Description	Previous Action	New Action	Notes
...9721fd20	HTTP requests trying to impersonate browsers (pattern #3).	N/A	ddos_dynamic

HTTP DDoS managed ruleset - 2023-08-14

Monday, Aug 14, 2023

Rule ID	Description	Previous Action	New Action	Notes
...22807318	HTTP requests from known botnets.	ddos_dynamic	managed_challenge	Expand the filter to catch more attacks.
...d2f294d7	HTTP requests trying to impersonate browsers.	ddos_dynamic	ddos_dynamic	Expand the filter to catch more attacks.

HTTP DDoS managed ruleset - 2023-08-11 - Emergency

Friday, Aug 11, 2023

Rule ID	Description	Previous Action	New Action
...1de9523e	HTTP requests with unusual HTTP headers or URI path (signature #41).	N/A	block
...22807318	HTTP requests from known botnets.	managed_challenge	ddos_dynamic
...aa03a345	HTTP requests from known botnet (signature #68).	N/A	block
...efca86eb	HTTP requests from known botnet (signature #66).	N/A	block
...f93fb5d6	HTTP requests from known botnet (signature #67).	N/A	block

HTTP DDoS managed ruleset - 2023-07-31

Monday, Jul 31, 2023

Rule ID	Description	Previous Action	New Action	Notes
...9aec0913	HTTP requests from known botnet (signature #52).	block	block	Expose existing read-only filter publicly as it might cause false positives in rare cases.
...c5f479f0	HTTP requests from known botnet (signature #62).	N/A	block
...d0e36f9c	HTTP requests from known botnet (signature #63).	N/A	block