By default, Alibaba Cloud provides basic protection capacity for resources that have public IP addresses configured. These resources include Elastic Compute Service (ECS) instances, Server Load Balancer (SLB) instances, Elastic IP (EIP) instances, and Web Application Firewall (WAF) assets. If the throughput of a DDoS attack is more than the default protection capacity of the resource, we recommend that you purchase Anti-DDoS Origin Enterprise instance. Anti-DDoS Origin Enterprise uses all protection capacity of a region where the public IP address resides to defense against the attacks. This ensures business continuity.

Background information

Anti-DDoS Origin Enterprise provides unlimited protection. When DDoS attacks are detected, Anti-DDoS Origin Enterprise automatically uses all the protection capacity of a region where an instance resides to defend against the DDoS attacks.

Prerequisites

Before activating Anti-DDoS Origin Enterprise, you need to confirm the following information:

  • The IP address that you want to protect.
  • The region where the IP address resides.
    Note Anti-DDoS Origin is not available in all regions. Before you activate Anti-DDoS Origin, ensure that Anti-DDoS Origin is available in the region where an IP address that you want to protect resides. For more information about supported regions where you can activate Anti-DDoS Origin Enterprise, see What is Anti-DDoS Origin?.

Procedure

  1. For more information about how to purchase an Anti-DDoS Origin Enterprise instance, see Purchase an Anti-DDoS Origin Enterprise instance.
    Note Ensure that the region where an Anti-DDoS Origin instance resides is the same as the region where resources that are protected by the instance reside. The resources include Elastic Compute Service (ECS) instances, Server Load Balancer (SLB) instances, and Elastic IP (EIP) instances.
  2. Log on to the Anti-DDoS Basic console.
  3. On the Anti-DDoS Origin page, find the target instance, and click Add a protection target to add the addresses that you want to protect to the instance.

Result

After you add an IP address to an Anti-DDoS Origin instance, the protection capacity of the instance applies to the IP address. On the Assets page, you can find that the protection capacity of the IP address increases to the protection capacity of the instance.