When your server suffers massive DDoS attacks and the blackhole mechanism is triggered, the public IP of the server is banned for a certain time period based on the security credibility of the server.
- Whether the attack persists. The blackhole duration time keeps extending, if the attack continues. The blackhole duration time is re-calculated from the time of extension.
- Whether the attack is frequent. If a user is attacked for the first time, the blackhole duration time will be automatically shortened. On the contrary, the blackhole duration time for a user under frequent attacks will be automatically extended as the user is more likely to be attacked again.
You can log on to the Anti-DDoS Basic console to view the specific blackhole threshold and duration time.
- For users suffering overly frequent blackholes, Alibaba Cloud reserves the right to extend the blackhole duration time and reduce the blackhole threshold.
- Blackhole is a service provided by Internet service providers (ISPs) and ISPs have a clear time limit to the blackhole deactivation. Thus, in general, the blackhole duration time is no less than 30 minutes, and the specific blackhole duration time of your account is automatically adjusted according to the security credibility of your account.
- Log on to the Anti-DDoS Basic console.
- On the DDoS Attack Protection Information switch in the upper right corner. page, turn on the
- View the current blackhole duration time.