This topic describes how to configure the Blocked Regions (Domain Names) policy in both Anti-DDoS Pro and Anti-DDoS Premium for protected website services. If this policy is configured and enabled, you can block all access requests from IP addresses of specific regions, such as regions inside or outside China.
- A website is added to Anti-DDoS Pro or Anti-DDoS Premium and associated with an instance that uses the enhanced function plan. For more information, see Add a website.
- Protection settings in Anti-DDoS Pro or Anti-DDoS Premium of the latest version are enabled.
If you set up an Anti-DDoS Pro or Anti-DDoS Premium instance to protect your website service and most requests are sent from regions inside China to your instance, deny requests from regions outside China. You can also block other regions as required. To use this policy, specify the regions that you want to block. Supported regions are as follows:
- Regions inside China
Shanghai, Yunnan, Nei Mongol, Beijing, Jilin, Sichuan, Tianjin, Ningxia, Anhui, Shandong, Shaanxi, Shanxi, Guangdong, Guangxi, Xinjiang, Jiangsu, Jiangxi, Hebei, Henan, Zhejiang, Hainan, Hubei, Hunan, Gansu, Fujian, Xizang, Guizhou, Liaoning, Chongqing, Qinghai, Heilongjiang, Hong Kong S.A.R, Macao S.A.R, and Taiwan
- Regions outside China
Asia (except for regions inside China), Europe, North America, South America, Africa, Oceania, and Antarctica
- This policy is available only for website services. To protect non-website services, we recommend that you configure the traffic block policies on the Protection for Infrastructure tab. For more information, see Configure diversion from the origin server, which is only supported by Anti-DDoS Pro, and Configure blocked regions.
- This policy is valid only for domain names. If you need to block regions for different domain names, you must specify the regions you want to block for the domain names separately.
- This policy only identifies and filters requests from IP addresses that are in the blocked regions. It cannot reduce the volume of transmitted attack traffic.
- Log on to the Anti-DDoS Pro console.
- In the top navigation bar, select the region of your Anti-DDoS instance.
- Mainland China: Anti-DDoS Pro
- Outside Mainland China: Anti-DDoS Premium
- In the left-side navigation pane, choose .
- On the General Policies page, click the Protection for Website Services tab. On the tab that appears, select the target domain name from the list on the left side.
- In the Blocked Regions (Domain Names) section, click Change Settings.
- In the Select Region dialog box, select the regions that you want to block and then click OK.
As shown in the following figure, requests from regions outside China cannot access your website after you configure the blocked regions.
- Go back to the Blocked Regions (Domain Names) section and turn on Status to apply the configuration.