Anti-DDoS Pro provides four layer-4 cleaning modes against the IP-level flow cleaning policies for your choice.
Background information
Note Currently, cleaning mode change only supports CT/CU and International lines. Generally, new cleaning policies take effect several minutes after you change the cleaning mode.
- Low: This mode uses loose cleaning policies with a relatively large threshold of the speed limit.
- Filters packages with defining DDoS characteristics, such as UDP reflection attack packages and attack packages that do not meet TCP characteristics.
- Filters defining SYN flood and ACK flood attacks.
- Applies easing restrictions on access IPs and destination IPs, mostly on the speed limit side.
- Medium: The default Medium mode uses normal cleaning policies.
- Filters packages with defining DDoS characteristics, such as UDP reflection attack packages and attack packages that do not meet TCP characteristics.
- Filters defining SYN flood and ACK flood attacks.
- Applies restrictions on access IPs and destination IPs in a certain scope, mostly on the speed limit side.
- Under circumstances, enables the reverse detection algorithm for the package filtering in a certain scope.
- Emergency: This mode uses relative strict cleaning policies. It enables connection detection for each IP to block IPs that have too many connections.
- Filters packages with defining DDoS characteristics, such as UDP reflection attack packages and attack packages that do not meet TCP characteristics.
- Filters defining SYN flood and ACK flood attacks.
- Discards UDP packages.
- Applies restrictions on access IPs and destination IPs in a certain scope. Speed limits, malicious IP blocking, and connection limits are enabled.
- High: This mode uses strict cleaning policies. It enables the origin authentication algorithm for package filtering under certain conditions.
- Filters packages with defining DDoS characteristics, such as UDP reflection attack packages and attack packages that do not meet TCP characteristics.
- Filters defining SYN flood and ACK flood attacks.
- Discards UDP packages.
- Applies restrictions on access IPs and destination IPs in a certain scope. Speed limits, malicious IP blocking, and connection limits are enabled.
- Enables the reverse detection algorithm for the package filtering in a certain scope.
Note As some clients may not respond normally to this algorithm, partial normal requests can be blocked.
By default, your Anti-DDoS Pro instance uses the Medium cleaning mode. You can change the 4-layer cleaning mode as you needed.