This article describes the method for you to identity the attack your Anti-DDoS Pro IP addresses suffer, from HTTP flood attack and DDoS attack.
- HTTP flood attack: mainly indicates layer-7 website connection attacks.
- DDoS attack: mainly indicates layer-4 heavy traffic attacks.
Follow these steps to identity the attack your Anti-DDoS Pro IP addresses suffer:
Log on to the Alibaba Cloud Security Anti-DDoS console.
Go to Anti-DDoS Pro > Security Report.
Check attack records in the DDoS Protection and HTTP Flood Protection reports to determine the attack type.
For DDoS attack, you can find attack traffic record in the DDoS Protection report, and traffic cleaning is triggered. However, no associated record can be found in the HTTP Flood Protection report.
For HTTP flood attack, you can find attack traffic record in both of the DDoS Protection and HTTP Flood Protection reports, and traffic cleaning is triggered in the DDoS Protection report.
The DDoS Protection report only records layer-4 traffic. The HTTP flood are layer-7 attacks, and the relevant protection result can only be viewed in the HTTP Flood Protection report.