Cookie Validation is a type of Web Challenge that is used in DDoS mitigation to filter out attackers from legitimate clients. The challenge is to send every client, attacker and legitimate user a web cookie and to request that the client send it back (typically using the HTTP 302 Redirect command). A virtually legitimate browser supports web cookies and will easily pass the challenge transparently (without the user’s notice), while DDoS bots typically don’t save cookies and therefore cannot pass the challenge.
Related entries: JavaScript Challenge, Web Challenges, Web Challenge Spectrum
ARE YOU READY ?
Answer seven online questions and get a free report assessing your protection status with recommendations for improvement