Web Application Firewall (WAF) uses specific IP addresses to proactively detect the health status of your protected origin servers. We recommend that you do not block these IP addresses.

To ensure that origin servers can respond to the normal business requests forwarded by WAF, WAF proactively detects the health status of your protected origin servers on an irregular basis.

WAF uses fixed IP addresses to detect only the health status of your protected origin servers. The detection does not affect your origin servers. If data packets from proactive detection IP addresses are found in the access logs of your protected origin servers, you do not need to concern about whether your origin servers have been subject to malicious attacks. To ensure that the health check feature of WAF works as expected, we recommend that you add proactive detection IP addresses to a whitelist in the access control policies of your origin servers.

Proactive detection IP addresses at Layer 3

Region/Line Proactive detection IP address
China (Qingdao) 47.104.162.123
China (Beijing) 39.107.84.97
China (Hangzhou) 47.97.187.10
China (Shanghai) 47.100.176.74
China (Shenzhen) 120.78.69.183
Line cn335, China Unicom Dalian branch 211.93.148.207
China (Hong Kong) 47.52.224.185
Singapore (Singapore) 47.74.135.107
Australia (Sydney) 47.91.45.70
Malaysia (Kuala Lumpur) 47.254.197.21
US (Virginia) 47.90.210.37
US (Silicon Valley) 47.254.31.65
Germany (Frankfurt) 47.254.133.240

Proactive detection IP addresses at Layer 4 and Layer 7

Network type Proactive detection IP address
Private network
  • 10.181.0.186
  • 10.181.0.187
  • 10.181.2.120
  • 10.181.2.126
Internet
  • 140.205.205.7
  • 140.205.205.6
  • 140.205.205.15
  • 140.205.205.11