Both Anti-DDoS Pro and Anti-DDoS Premium provide standard and enhanced function plans. The enhanced function plan provides the following features in addition to all the features of the standard function plan: static page caching, non-standard ports support, and blocked regions. These features enhance connection capabilities of instances and the ability of Anti-DDoS Pro and Anti-DDoS Premium to prevent DDoS attacks. You can select a mitigation plan as required.

When you purchase Anti-DDoS Pro or Anti-DDoS Premium instances, the standard function plan is selected by default. You can select the enhanced function plan to obtain advanced anti-DDoS protection. The price for each instance that uses the enhanced function plan is USD 1,145 per month.

For a purchased instance that uses the standard function plan, you can scale up the specification to obtain enhanced anti-DDoS protection. For more information, see Upgrade the specifications of an Anti-DDoS Pro or Anti-DDoS Premium instance.

Note After you purchase an instance that uses the enhanced function plan or upgrade an instance to the enhanced function plan, you need to configure the domain names to enable the enhanced capabilities.

Comparison of the standard and enhanced function plans

The following table describes feature differences between the standard and enhanced function plans.

Category Feature Description Standard function plan Enhanced function plan
Protection algorithm Protection against volumetric DDoS attacks Supports protection against volumetric DDoS attacks such as malformed packet attacks and flood attacks. Supported Supported
Protection against resource exhaustion DDoS attacks Supports protection against common HTTP flood attacks at the transport layer, such as HTTP GET floods and HTTP POST floods.

For more information, see Configure frequency control.

Supported Supported
Intelligent protection
  • Supports intelligent protection against application-layer floods and mitigates HTTP flood attacks.
  • Supports intelligent protection against transport-layer floods and mitigates TCP flood attacks.

For more information, see Configure intelligent protection.

Supported Supported
Protection rule Black lists and white lists A blacklist and whitelist for each protected domain name can each contain a maximum of 200 IP addresses.

For more information, see Configure a blacklist and whitelist for a domain.

Supported Supported
Accurate access control Supports fine-grained access control based on HTTP.

For more information, see Configure accurate access control rules.

For each protected domain name, you can configure a maximum of five rules based on the following fields: IP, URL, Referer, and User-Agent. For each protected domain name, you can configure a maximum of 10 rules.
Blocked regions Blocks traffic based on geographic locations.

For more information, see Block regions for a domain.

Not supported Supported
Connection methods Standard HTTP ports (80 and 8080) and HTTPS ports (443 and 8443) Supports anti-DDoS protections based on standard HTTP ports (80 and 8080) and HTTPS ports (443 and 8443). Supported Supported
Non-standard HTTP and HTTPS ports Supports DDoS prevention based on non-standard HTTP and HTTPS ports.
Note For each instance, you can configure a maximum of 10 port forwarding rules that use non-standard ports.
Not supported Supported
Other Static page caching Supports static page caching to reduce page loading time.
Note Static page caching is in the public preview stage. For each protected domain name, you can configure a maximum of three rules.

For more information, see Configure static page caching rules.

Not supported Supported