Help Center/ Content Delivery Network/ User Guide/ Custom Domain Name Configuration/ Access Control/ IP Access Frequency Control Against CC Attacks
Updated on 2025-09-16 GMT+08:00
View PDF

IP Access Frequency Control Against CC Attacks

You can restrict the number of times that a single IP address requests a URL from a PoP per second to defend against CC attacks and malicious theft.

Precautions

  • Restricting the IP access frequency can effectively defend against CC attacks, but it may affect normal access.
  • When the threshold is reached, CDN returns status code 403. The restriction is removed 10 minutes later.
  • When the IP access frequency limit is triggered, client requests are blocked and PoP resources are consumed, generating a small amount of traffic or bandwidth fees. If the service type of the domain name is whole site acceleration, the client request is also charged for the request fees.
  • By default, this function is disabled.

Procedure

  1. Log in to the CDN console.

  2. In the navigation pane, choose Domains.
  3. In the domain list, click the target domain name or click Configure in the Operation column.
  4. Click the Access Control tab and turn on the IP Access Frequency switch.
    Figure 1 IP access frequency
  5. Set Access Threshold and click OK.
    When the number of times that a single client IP address accesses a single URL via a PoP per second reaches the threshold, CDN returns status code 403 to the client. The restriction is removed 10 minutes later.
    • Value range: 1 to 100,000 requests/second
    • A low threshold can cause frequent blocking. For example, setting it to 1 means that CDN will block a client IP address for 10 minutes after receiving just one request per second to a specific URL from that IP address.
    • If you change Access Threshold within the restriction duration, the change takes effect after the restriction is removed.
  6. To disable this function, turn off the IP Access Frequency switch. This will clear related configuration.

Examples

Configuration: You have restricted the IP access frequency of domain name www.example.com to 10,000 requests/second.

Condition for triggering IP access frequency restriction: The number of times that an IP address requests a URL from a PoP per second reaches 10,000.

Example: A client's IP address is 0.0.0.0. This client accesses https://www.example.com/abc.jpg for 10,000 times within 1 second, triggering the access frequency restriction. When the client accesses this URL again, the request is blocked and status code 403 is returned. The restriction is removed 10 minutes later.

Parent topic: Access Control