This topic describes the blackhole filtering thresholds and blackhole filtering duration in Cloud Web Hosting.

Background information

Cloud Web Hosting provides shared Cloud Web Hosting instances and exclusive Cloud Web Hosting instances.

Blackhole filtering thresholds

The following table lists the blackhole filtering thresholds for exclusive Cloud Web Hosting instances in different regions.

Note Blackhole filtering thresholds for shared Cloud Web Hosting instances are not fixed because multiple shared Cloud Web Hosting instances share one IP address. The blackhole filtering threshold for shared Cloud Web Hosting instances is lower than the blackhole filtering threshold for exclusive Cloud Web Hosting instances in the same region. If volumetric DDoS attacks occur on a shared Cloud Web Hosting instance and blackhole filtering is triggered, other shared Cloud Web Hosting instances that share the same IP address with the instance cannot be accessed. If your service requires high security and stability, we recommend that you purchase exclusive Cloud Web Hosting instances or Elastic Compute Service (ECS) instances.
Region Blackhole filtering threshold
China (Hangzhou) 5 Gbit/s
China (Qingdao) 5 Gbit/s
China (Shenzhen) 2 Gbit/s
China (Beijing) 2 Gbit/s
China (Shanghai) 2 Gbit/s
China (Hong Kong) 500 Mbit/s
US (Silicon Valley) and US (Virginia) 500 Mbit/s
Singapore 500 Mbit/s

Blackhole filtering duration

The default blackhole filtering duration is 2.5 hours, and you cannot deactivate blackhole filtering during the period. The actual duration varies from 30 minutes to 24 hours based on the attack severity. The blackhole filtering duration changes based on the following factors:
  • The duration of attacks. If attacks continue for a long time, the duration of blackhole filtering is extended.
  • The frequency of attacks. If an asset experiences attacks for the first time, the duration of blackhole filtering automatically decreases. If an asset experiences frequent attacks, the asset has a high probability to encounter continuous attacks, and the duration of blackhole filtering is automatically extended.
Note If blackhole filtering is frequently triggered for an asset, Alibaba Cloud reserves the right to further extend the duration of blackhole filtering and lower the threshold to trigger blackhole filtering for the asset. You can view the actual duration and threshold of blackhole filtering in the console.

If you want to obtain higher DDoS mitigation capabilities, purchase an Anti-DDoS Pro instance or Anti-DDoS Premium instance that provides up to 300 Gbit/s of basic protection bandwidth each day. For more information, visit the product page of Anti-DDoS.