I have added an IP address to the IP blacklist in the Content Delivery Network (CDN) console. Why can the IP address still be used to request resources?


CDN cannot restrict client-side requests. However, you can add the IP address to the IP blacklist in CDN. Therefore, the HTTP 403 status code is returned when the IP address is used to request resources from CDN. You can view the corresponding logs. For more information, see Download logs.

The outbound network traffic used for returning the HTTP 403 responses incurs network traffic fees. In this process, no outbound network traffic is generated for resources. Only the network traffic for the response header is billed. Therefore, returning HTTP 403 responses only incurs a few network traffic fees. For more information, see Pricing of CDN.


Common logs can be queried about four to eight hours after the logs are generated. We recommend that you enable real-time logs to record activities in CDN.