After you add your website to Anti-DDoS Pro or Anti-DDoS Premium, you can turn on the Getting source port from the real customer switch to obtain your actual source ports of clients. You can also mark the back-to-origin requests that Anti-DDoS Pro or Anti-DDoS Premium forwards to the origin server by using custom HTTP headers. This allows the backend servers to perform statistical analysis on the back-to-origin requests in a more convenient manner. This topic describes how to mark the back-to origin requests that Anti-DDoS Pro or Anti-DDoS Premium forwards to your origin server.
Prerequisites
Your website is added to Anti-DDoS Pro or Anti-DDoS Premium. For more information, see Add one or more websites.Procedure
Log on to the Anti-DDoS Pro console.
In the top navigation bar, select the region of your asset.
Anti-DDoS Proxy (Chinese Mainland): If your instance is an Anti-DDoS Pro instance, select Chinese Mainland.
Anti-DDoS Proxy (Outside Chinese Mainland): If your instance is an Anti-DDoS Premium instance, select Outside Chinese Mainland.
You can switch the region to configure and manage Anti-DDoS Pro or Anti-DDoS Premium instances. Make sure that you select the required region when you use Anti-DDoS Pro or Anti-DDoS Premium.
In the left-side navigation pane, choose .
- Find the website whose configurations you want to edit and click Edit in the Actions column.
- On the page that appears, find the Traffic mark section and configure the following parameters.
Parameter Description Getting source port from the real customer If you want to obtain the actual source port of a client, turn on this switch. After you turn on the switch, Anti-DDoS Pro or Anti-DDoS Premium records the actual source port of the client in the
X-Forwarded-ClientSrcPortfield when Anti-DDoS Pro or Anti-DDoS Premium forwards the back-to origin requests to the origin server. To obtain the actual source port of the client, you can parse theX-Forwarded-ClientSrcPortfield in the back-to-origin requests. The specific procedures to obtain the actual source ports of clients are similar to how the actual source IP addresses of clients are obtained. For more information, see Obtain the originating IP addresses of requests.Custom Header If you want to create custom HTTP headers, you must specify field names and values. After you create custom HTTP headers, Anti-DDoS Pro or Anti-DDoS Premium adds the custom HTTP headers to the back-to-origin requests. This way, the backend servers can perform statistical analysis on the back-to-origin requests.
When you create a custom HTTP header, take note of the following points:- Do not use the following default HTTP headers as custom HTTP headers:
X-Forwarded-ClientSrcPort: This field is used to obtain the actual source ports of clients that access Anti-DDoS Pro or Anti-DDoS Premium (a Layer 7 proxy).X-Forwarded-ProxyPort: This field is used to obtain the ports of listeners that access Anti-DDoS Pro or Anti-DDoS Premium (a Layer 7 proxy).
- Do not use standard HTTP headers such as User-Agent. If you use standard HTTP headers, the original header fields may be overwritten.
- You can create up to five custom HTTP headers.
- Do not use the following default HTTP headers as custom HTTP headers:
- Click OK.