Anti-DDoS Pro provides the following new features to help you defend against HTTP flood attacks: Geo-blocking, Accurate Access Control, and Intelligent Protection. Meanwhile, Web Acceleration is now available to speed up your website.
Enable new protection policies
During the beta testing period, HTTP flood protection policies only include two features by default: Blacklist and Whitelist, and HTTP Flood Protection.
- Log on to the Anti-DDoS Pro console.
- In the left-side navigation pane, choose Try out New Protection Policies. , select your domain, and click
- In the dialog box that appears, read the note and click OK.
- After you start using the new protection policies, your Anti-DDoS Pro instance uses a new CIDR block to forward traffic back to your origin server. If you have configured access control policies on your origin server, make sure to add the new CIDR block to the whitelist.
- To switch back to the old protection policies, click Old Version on the Protection Settings page.
- The new protection policies only support strong cipher suites. Before you switch to the new protection policies, make sure your cipher suite is supported. For more information, see Cipher suites supported by the new protection policies.
Introduce new protection policies
- Geo-blocking: This feature enables you to block traffic based on geographical location. Chinese regions are divided into 34 provincial regions and international regions are divided into 7 continents. The Anti-DDoS scrubbing center directly discards traffic originating from blocked regions.
- Accurate Access Control: This feature allows you to customize access control rules to filter requests based on the client IP, request URL, and common HTTP header fields, such as the referer, user-agent, and parameter. You can handle matching requests with different actions, such as clear, block, and challenge.
- Intelligent Protection: Based on a big data analysis engine, this feature can analyze your traffic patterns to preemptively detect and block DDoS attacks.
- Web Acceleration Policies: Integrated with Web caching techniques, this feature uses the scrubbing center to speed up your site and protect it from DDoS attacks You can add custom rules to cache specific URLs. Meanwhile, you can select from two cache modes:
- Standard: Only caches static files on the page, such as .css, .js, and .txt files.
- Enhanced: Caches all contents on the page.
Cipher suites supported by the new protection policies