The IP blacklist protection policies allows you to customize requests from specific IP addresses (IPv4 or IPv6 addresses) or CIDR blocks based on business scenarios. This topic describes how to enable and configure an IP address blacklist protection policies.
Prerequisites
- Dynamic Route for CDN (DCDN) Web Application Firewall (WAF) is enabled. For more information, see Getting started with DCDN WAF (new edition).
- The domain name that needs to be protected is added to WAF. For more information, see Getting started with DCDN WAF (new edition).
Create a protection policies-IP blacklist
IP blacklist rule parameter description
You can create an IP blacklist protection policies when you create an IP blacklist rule, or create a rule for an existing protection policies after you create an IP blacklist protection policies.
Option | Description |
---|---|
Rule Name | The name of the whitelist rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). |
IP address blacklist | Enter IP addresses. If a request is sent from one of the specified IP addresses, the
request matches the protection rule. You can enter the IP address based on the following
descriptions:
|
Action | Select the action that is performed when a request matches the rule. You can specify
different compression methods.
In Monitor mode, you can check the protection performance of the rule and check whether the rule blocks normal requests. Then, you can determine whether to set Action to Block based on the check results. |