All Products
Search

This Product

    Anti-DDoS:Configure the location blacklist (domain names) feature

    Document Center

    Anti-DDoS:Configure the location blacklist (domain names) feature

    Last Updated:Mar 22, 2024

    This topic describes how to configure a location blacklist for a website that is protected by an Anti-DDoS Proxy instance. After you enable the feature, you can add a location to the location blacklist to block requests from IP addresses that reside within the location with a few clicks.

    Background information

    You can configure the feature in the following scenarios:

    • If your website is available only for users in a location, you can add other locations to the location blacklist after you add your website to Anti-DDoS Proxy. For example, your website is available only for users in China, and you can add locations outside China to the location blacklist.

    • If your website experiences frequent DDoS attacks from a location, you can add the location to the location blacklist after you add your website to Anti-DDoS Proxy.

    Precautions

    • This feature is supported only for websites. We recommend that you configure traffic blocking features on the Protection for Infrastructure tab to protect non-website services. For more information, see Configure the near-origin traffic diversion feature and Configure the location blacklist feature. The near-origin traffic diversion feature is supported only by Anti-DDoS Proxy (Chinese Mainland).

    • You cannot configure location blacklists for multiple domain names at a time. If you want to configure location blacklists for multiple domain names, you must separately configure a location blacklist for each domain name.

    • The location blacklist (domain names) feature identifies and filters only requests whose originating IP addresses reside in the blocked locations. This feature cannot reduce the volume of attack traffic.

    Prerequisites

    A website is added to an Anti-DDoS Proxy instance that uses the Enhanced function plan. For more information, see Add one or more websites.

    Procedure

    1. Log on to the Anti-DDoS Proxy console.

    2. In the top navigation bar, select the region of your instance.

      • Anti-DDoS Proxy (Chinese Mainland): If your instance is an Anti-DDoS Proxy (Chinese Mainland) instance, select Chinese Mainland.

      • Anti-DDoS Proxy (Outside Chinese Mainland): If your instance is an Anti-DDoS Proxy (Outside Chinese Mainland), select Outside Chinese Mainland.

    3. In the left-side navigation pane, choose Mitigation Settings > General Policies.

    4. On the General Policies page, click the Protection for Website Services tab. In the left-side list of domain names, select a domain name.

    5. In the Location Blacklist (Domain Names) section, click Settings.

    6. In the Configure Location Blacklist panel, select the locations that you want to block and click OK.

    7. Go back to the Location Blacklist (Domain Names) section and turn on Status to apply the configuration.

    Result

    After the feature is enabled, the configuration immediately takes effect on all Anti-DDoS Proxy instances that are associated with the specified domain name.