Anti-DDoS Pro and Anti-DDoS Premium protect a website only after you add the website to Anti-DDoS Pro or Anti-DDoS Premium and complete forwarding settings. You can add more than one website at a time. This topic describes how to add a website and how to import the configurations of more than one website to Anti-DDoS Pro or Anti-DDoS Premium at a time.
Prerequisites
Add a website
What to do next
After you add the website, you must perform the following operations to enable Anti-DDoS
Pro or Anti-DDoS Premium to protect the website.
- If HTTPS services are connected to Anti-DDoS Pro or Anti-DDoS Premium, you must upload
an HTTPS certificate file. This way, HTTPS requests can be redirected to Anti-DDoS
Pro or Anti-DDoS Premium for protection. For more information, see Upload an HTTPS certificate.
Note If a website is associated with an Anti-DDoS Pro or Anti-DDoS Premium instance that uses the Enhanced function plan, you can customize a TLS security policy for the website after you upload an HTTPS certificate file. For more information, see Create a custom TLS policy.
- If security software, such as a firewall, is installed on the origin server, you must add the back-to-origin IP addresses of the Anti-DDoS Pro or Anti-DDoS Premium instance to the whitelist of the origin server. This ensures that the traffic from Anti-DDoS Pro or Anti-DDoS Premium is not blocked by security software on your origin server. For more information, see Allow back-to-origin IP addresses to access the origin server.
- If your origin server is an Alibaba Cloud ECS instance and the IP address of the ECS instance is exposed, you must change the public IP address of the ECS instance. This prevents attackers from bypassing Anti-DDoS Pro or Anti-DDoS Premium to attack your origin server. For more information, see Change the public IP address of an ECS origin server.
- Verify that the website configurations that you added to Anti-DDoS Pro or Anti-DDoS Premium take effect on your computer. If you change the DNS record before the configurations for the website take effect, services may be interrupted. For more information, see Verify the forwarding configuration on your local machine.
- Anti-DDoS Pro or Anti-DDoS Premium assigns a CNAME to the website that you added. You must change the DNS record to map the domain name to the CNAME. You can manually change the DNS record or use the NS Access Mode feature to enable the system to automatically change the DNS record. For more information, see the following topics:
- Optional:After you add the website, Intelligent Protection and Frequency Control are enabled by default. You can enable more features and modify protection rules for the website on the Protection for Website Services tab. For more information, see Configure intelligent protection.