If a service protected by Anti-DDoS Pro is attacked and the bandwidth of attack traffic exceeds the basic or burstable protection threshold, blackhole filtering is triggered. In this case, you can manually deactivate blackhole filtering in the Anti-DDoS Pro console to recover your service. We recommend that you increase the basic or burstable protection capability before you deactivate blackhole filtering. This prevents blackhole filtering from being triggered again.

Prerequisites

An Anti-DDoS Pro instance is purchased.
Note Anti-DDoS Pro supports deactivation of blackhole filtering, but Anti-DDoS Premium does not.

Background information

Each Alibaba Cloud account can deactivate blackhole filtering up to five times per day. The count is reset at 00:00:00 (UTC+8) the next day.

You consume a chance of deactivation only when you successfully deactivated blackhole filtering. The first deactivation in a day immediately takes effect. The interval of two deactivation operations must be greater than 10 minutes.

Procedure

  1. Log on to the Anti-DDoS Pro console.
  2. In the top navigation bar, select Chinese Mainland.
    You can switch the region to manage and configure Anti-DDoS Pro or Anti-DDoS Premium instances. Make sure that you select the required region of Anti-DDoS Pro.
  3. In the left-side navigation pane, choose Mitigation Settings > General Policies.
  4. On the Protection for Infrastructure tab, select the Anti-DDoS Pro instance from the list on the left.
    You can also search for the instance by its ID or description.
  5. In the Deactivate Blackhole Status section, deactivate blackhole filtering based on the instance status.Deactivate Blackhole Status
    • If the instance is in the Blackhole state, and you do not want to wait for blackhole filtering to be automatically deactivated, click Deactivate Blackhole and wait for blackhole filtering to be deactivated.
    • If the instance is in the Normal state, the Deactivate Blackhole button is dimmed.
    The interval of two deactivation operations must be greater than 10 minutes.

Result

  • Blackhole filtering is a risk management policy used by the backend servers of Alibaba Cloud. If your request to deactivate blackhole filtering fails, your deactivation chance for the day is not deducted. In this case, an error message appears. You can wait and try again later.
  • If the message "Cannot deactivate the black hole status due to risk management. Wait 10 minutes and try again." appears, try again 10 minutes later.
  • If no error message appears, blackhole filtering is deactivated. You can refresh the page to check whether network access is restored.