To use Anti-DDoS Pro or Anti-DDoS Premium to protect your non-website services, such as client-based games, mobile games, or apps, you must create forwarding rules on the Port Config page. You can also configure Layer 4 anti-DDoS protection, such as session persistence, health checks, and anti-DDoS protection policies.
Prerequisites
An Anti-DDoS Pro or Anti-DDoS Premium instance is purchased. For more information, see Purchase mitigation plans for Anti-DDoS Pro and Anti-DDoS Premium.
Create a forwarding rule
Create multiple forwarding rules at a time
What to do next
After you create forwarding rules, you must perform the following operations to protect
your non-website services.
- Allow the back-to-origin IP address of Anti-DDoS Pro and Anti-DDoS Premium on the origin server. This ensures that the traffic from Anti-DDoS Pro or Anti-DDoS Premium is allowed by security software on your origin server. For more information, see Allow back-to-origin IP addresses to access the origin server.
- Verify that the forwarding rules have taken effect from the local computer to avoid
service exceptions caused by incorrect forwarding rule configurations. For more information,
see Verify the forwarding configuration on your local machine.
Warning If you switch your service traffic to instances before the forwarding rules take effect, your services may be interrupted.
- Redirect the traffic of your non-web services to the Anti-DDoS Pro or Anti-DDoS Premium
instance. You can redirect the traffic by using one of the following methods:
- If your service is reachable over the IP address, replace the service IP address with
the exclusive IP address of the Anti-DDoS Pro or Anti-DDoS Premium instance.
Note The method to replace the IP address depends on your platform.
- If your service is also reachable over a domain name, for example, aliyundemo.com that functions as the server address or is added to a client program, change the A record at the DNS resolution service provider of the domain name to direct the traffic to the exclusive IP address of the Anti-DDoS Pro or Anti-DDoS Premium instance. For more information, see Change the DNS record.
- If your service is reachable over the IP address, replace the service IP address with
the exclusive IP address of the Anti-DDoS Pro or Anti-DDoS Premium instance.