After you set up an Anti-DDoS Pro or Anti-DDoS Premium instance to protect your website service, Intelligent Protection is enabled automatically. You can manually adjust anti-DDoS protection policies for your website service, which include Intelligent Protection, Black Lists and White Lists (Domain Names), Blocked Regions (Domain Names), Accurate Access Control, and Frequency Control.
- Log on to the Anti-DDoS Pro console.
- In the top navigation bar, select the region where your instance resides.
You can switch the region to configure and manage Anti-DDoS Pro or Anti-DDoS Premium instances. Make sure that you select the required region when you use Anti-DDoS Pro or Anti-DDoS Premium.
- Anti-DDoS Pro: If your instance is an Anti-DDoS Pro instance, select Chinese Mainland.
- Anti-DDoS Premium: If your instance is an Anti-DDoS Premium instance, select Outside Chinese Mainland.
- In the left-side navigation pane, choose .
- On the Website Config page, find the target domain name and click Mitigation Settings in the Actions column.
- On the Protection for Website Services tab, configure protection policies for the domain name. Supported protection policies
include Intelligent Protection, Black Lists and White Lists (Domain Names), Blocked
Regions (Domain Names), Accurate Access Control, and Frequency Control.
- Intelligent Protection: It is enabled by default. Intelligent Protection enables the intelligent and big data-based analysis engine to learn the traffic patterns of workloads, detect and block new types of HTTP flood attacks, and dynamically adjust policies to block malicious requests. You can manually change the protection mode and level. For more information, see Use the intelligent protection feature.
- Black Lists and White Lists (Domain Names): After this policy is enabled, access requests from the IP addresses or CIDR blocks in the blacklist are blocked, while access requests from the IP addresses or CIDR blocks in the whitelist are allowed. For more information, see Configure blacklists and whitelists for domain names.
- Blocked Regions (Domain Names): You can specify both the regions inside and outside China that you want to block. Requests from IP addresses in the blocked regions are blocked. For more information, see Configure a location blacklist for a domain name.
- Accurate Access Control: allows you to customize access control rules. You can filter access requests based on a combination of criteria of commonly used HTTP fields, such as IP, URI, Referer, User-Agent, and Params. For requests that meet these criteria, you can allow, block, or verify them. For more information, see Configure accurate access control rules.
- Frequency Control: allows you to restrict the frequency of access from a source IP address to your website. Frequency Control takes effect immediately after it is enabled. By default, the normal mode is used to protect website services against common HTTP flood attacks. You can manually change the protection mode and create custom rules to reinforce protection. For more information, see Configure frequency control.