After you set up an Anti-DDoS Pro or Anti-DDoS Premium instance to protect your website service, Intelligent Protection is enabled automatically. You can manually adjust anti-DDoS protection policies for your website service, which include Intelligent Protection, Black Lists and White Lists (Domain Names), Blocked Regions (Domain Names), Accurate Access Control, and Frequency Control.

Prerequisites

An Anti-DDoS Pro or Anti-DDoS Premium instance is set up by using a domain name. For more information, see Step 1: Add forwarding rules.

Procedure

  1. Log on to the Anti-DDoS Pro console.
  2. In the top navigation bar, select the region of your Anti-DDoS instance.
    • Mainland China: Anti-DDoS Pro
    • Outside Mainland China: Anti-DDoS Premium
  3. In the left-side navigation pane, choose Provisioning > Website Config.
  4. On the Website Config page, find the target domain name and click Mitigation Settings in the Actions column.Mitigation Settings
  5. On the Protection for Website Services tab, configure protection policies for the domain name. Supported protection policies include Intelligent Protection, Black Lists and White Lists (Domain Names), Blocked Regions (Domain Names), Accurate Access Control, and Frequency Control.Protection for Website Services
    • Intelligent Protection: It is enabled by default. Intelligent Protection enables the intelligent and big data-based analysis engine to learn the traffic patterns of workloads, detect and block new types of HTTP flood attacks, and dynamically adjust policies to block malicious requests. You can manually change the protection mode and level. For more information, see Configure intelligent protection.
    • Black Lists and White Lists (Domain Names): After this policy is enabled, access requests from the IP addresses or CIDR blocks in the blacklist are blocked, while access requests from the IP addresses or CIDR blocks in the whitelist are allowed. For more information, see Configure blacklists and whitelists for domain names.
    • Blocked Regions (Domain Names): You can specify both the regions inside and outside China that you want to block. Requests from IP addresses in the blocked regions are blocked. For more information, see Configure blocked regions for domain names.
    • Accurate Access Control: allows you to customize access control rules. You can filter access requests based on a combination of criteria of commonly used HTTP fields, such as IP, URI, Referer, User-Agent, and Params. For requests that meet these criteria, you can allow, block, or verify them. For more information, see Configure accurate access control rules.
    • Frequency Control: allows you to restrict the frequency of access from a source IP address to your website. Frequency Control takes effect immediately after it is enabled. By default, the normal mode is used to protect website services against common HTTP flood attacks. You can manually change the protection mode and create custom rules to reinforce protection. For more information, see Configure frequency control.