An ECS instance with a public IP address is considered compliant if its Anti-DDoS status is not 'Black Hole Activated'. This rule does not apply to an ECS instance without a public IP address.
Threat level
Default threat level: High.
You can change the risk level as needed.
Detection logic
An ECS instance with a public IP address is compliant if its Anti-DDoS status is not 'Black Hole Activated'. This rule does not apply to an ECS instance without a public IP address.
Rule details
Parameter | Description |
Rule name | ECS Anti-DDoS status check |
Rule identifier | |
Tag | ECS |
Automatic remediation | Not supported |
Rule trigger | Periodic |
Trigger frequency | 24 hours |
Supported resource types | ACS::ECS::Instance |
Input parameters | None |
Remediation guide
For instructions on how to remediate non-compliant resources, see Thresholds that trigger blackhole filtering in Anti-DDoS Basic.