This topic describes how to configure and enable the Blocked Regions policy. This policy allows you to block requests initiated from IP addresses in specific regions (regions inside and outside China) for an Anti-DDoS Pro or Anti-DDoS Premium instance. Anti-DDoS Pro or Anti-DDoS Premium instances that use the enhanced function plan support this policy. After you enable this policy, requests from the specified regions to access Anti-DDoS Pro or Anti-DDoS Premium instances are dropped.
Prerequisites
Background information
The Blocked Regions policy blocks requests from specific regions in scrubbing centers. This policy drops blocked requests near the destination servers. Anti-DDoS Pro or Anti-DDoS Premium instances identify and filter requests based on the region of the source IP addresses. This policy cannot reduce the volume of attack traffic. Therefore, it is suitable for blocking attacks that consume system resources.

Blocked Regions and Blocked Regions (Domain Names)
The Blocked Regions policy configured for Anti-DDoS Pro or Anti-DDoS Premium instances has a higher priority than the Blocked Regions (Domain Names) policy when they are used together.
For example, if you have enabled Blocked Regions for an Anti-DDoS Pro or Anti-DDoS Premium instance to block requests from regions outside China, users outside China cannot access domain names associated with this instance regardless of whether Blocked Regions (Domain Names) is enabled for the domain names. If you want to block regions outside China for some services, we recommend that you configure blocked regions for domain names rather than Anti-DDoS Pro or Anti-DDoS Premium instances. For more information, see Block regions for a domain.