Domain Group Policy Management
DeepFinder's security policies are divided into DOMAIN POLICY and URL POLICY based on the scope of application. Each policy is configured by referencing predefined template objects (patterns, IP groups, etc.) for efficient management.
The mapping information between each security policy item and the template objects is shown in the table below.
| Template | Security Policy Tab | Detailed Policy |
|---|---|---|
| Security Pattern | DOMAIN POLICY | HEADER FIELD NAME |
| HEADER FIELD VALUE | ||
| COOKIE SECURITY | ||
| URL POLICY | SECURITY PATTERN | |
| DATA LEAKAGE PREVENTION | ||
| FILE PATTERN | ||
| Header Field | DOMAIN POLICY | HEADER FIELD NAME |
| HEADER FIELD VALUE | ||
| IP | DOMAIN POLICY | METHOD |
| DOMAIN IP | ||
| URL POLICY | IP ACCESS | |
| Upload File | URL POLICY | UPLOAD |
| URL Restriction Pattern | DOMAIN POLICY | URL RESTRICTION |
| Method | DOMAIN POLICY | METHOD |
DOMAIN POLICY
The Domain Policy is a global setting applied collectively to the entire domain group. It defines security rules commonly required across web services, such as HTTP header inspection, DoS protection, and error page handling.
| Item | Description |
|---|---|
| DOMAIN DEFAULT SECURITY | Configures basic web vulnerability defense policies such as file extension tampering, abnormal image requests, and directory listing. |
| PROTOCOL SECURITY | Sets security policies related to HTTP protocol versions. |
| DEFAULT LIMIT | Sets protocol specification limits, such as HTTP request header length and cookie count. |
| ERROR PAGES | Configures the error page (redirection URL, etc.) to be displayed to the user when a block occurs. |
| DOS | Sets thresholds (connection count) and response methods to detect and block DoS/DDoS attacks. |
| HEADER FIELD NAME | Configures policies to validate HTTP header field names. |
| HEADER FIELD VALUE | Configures policies to validate HTTP request header values and check for response header value tampering. |
| METHOD | Sets allow/block status and IP access control for each HTTP method (GET, POST, etc.). |
| COOKIE SECURITY | Configures encryption application and security pattern inspection policies for cookie values. |
| URL RESTRICTION | Blocks requests for specific files or paths that should be restricted. |
| DOMAIN IP | Sets IP whitelists (Allow) and blacklists (Block) to be applied to the entire domain group. |
URL POLICY
The URL Policy applies granular security rules at the file, folder (directory), or parameter level. To configure a policy, you must first select the target URL from the list on the left. Multiple types of security policies can be configured in combination for a single URL.
| Item | Description |
|---|---|
| URL BASIC LIMIT | Sets basic constraints for the URL, such as parameter count, upload file size/count, and header/body length. |
| SECURITY PATTERN | Inspects malicious patterns (SQL Injection, XSS, etc.) included in URL request parameter values. |
| DATA LEAKAGE PREVENTION | Inspects response data for sensitive information such as resident registration numbers or credit card numbers and blocks/masks it. |
| IP ACCESS | Sets separate IP access controls (Allow/Block) for specific URL paths. |
| UPLOAD | Sets file extensions to allow or block when uploading files via the corresponding URL. |
| FILE PATTERN | Inspects the binary pattern (signature) of uploaded files to block malicious files. |
| POST ATTACK | Detects and blocks DoS attacks exploiting the HTTP POST method, such as Slowloris and RUDY. |
| DEEP FILE INSPECTION | Inspects the content of compressed files or specific file types deeply for hidden threats. |
| BRUTE FORCE ATTACK | Detects and blocks Brute Force attacks occurring on login pages, etc. |