CDN supports the blacklist and whitelist rules. You can add IP addresses on the IP blacklist. An IP address on the blacklist cannot access the target domain. Likewise, only IP addresses on the whitelist can access the target domain.

Note If you add one IP address to the blacklist, it can still access to CDN node. But it will be refused with 403. As a result, these request logs will still exist in your CDN logs.


You can use an IP network segment to add IP addresses to the blacklist or whitelist. For example, 24 indicates that the first 24 bits in the subnet mask are used as effective bits, for example, 32-24=8 bits are used to express host numbers. In this way, the subnet can accommodate 2 ^ 8-2 = 254 hosts. And indicates the IP network segment scope of


  1. Log on to the CDN console.
  2. In the left-side navigation pane, choose Domain Names. In the main workspace, select a domain, and in the Actions column click Manage.

  3. In the left-side navigation pane, choose Resource Access Control. In the main workspace, choose the IP Address Blacklists/Whitelists tab, and on the IP Address Blacklists/Whitelists tab page click Modify.

  4. In the dialog box that is displayed, set List Type to Blacklist or Whitelist, add the IP network segment in the text box below, and click Confirm.