Use this feature to add specific areas of Mainland China, Hong Kong, Macao and Taiwan, and up to 247 countries in the world to the region blacklist. All requests from the specified areas are blocked.

Background information

To enable the Blocked Regions feature, you must upgrade WAF to Business Edition or above. For more information about the upgrade, see Renewal and upgrade.

Note WAF instances created in International regions must be upgraded to the Enterprise edition.
To enable and specify blocked regions, follow these steps:
Note Ensure that you have added the target domain in WAF for protection. For more information, see CNAME access guide.

Procedure

  1. Log on to the Web Application Firewall console.
  2. Go to the Management > Website Configuration page, and select the region of your WAF instance (Mainland China or International).
  3. Select the domain to be configured, and click Policies.
  4. Enable the Blocked Regions option.
    Note To make the Area Blocking polices be effective, ensure that the system default rule is enabled in HTTP ACL Policy.


  5. Click Settings, select the Mainland China or International scope, and select the areas that you want to block. Then, click OK.
    Note When you select the International scope, you can quickly find the country or area through the initial letter of the country name or the quick search.


Result

After you confirm the settings, all requests from the IP addresses in the blocked areas are blocked by WAF.
Note The source area information of the IP is based on the Alibaba Taobao IP address Library.