Help Center>
Anti-DDoS Service>
FAQs>
AAD FAQs>
Access Configuration>
How Do I Change the Exposed IP Address of an Origin Server?
Updated on 2023-09-14 GMT+08:00
How Do I Change the Exposed IP Address of an Origin Server?
Scenarios
If the origin server is still under attacks even after AAD is configured, change the IP address of the origin server because it has been exposed.
This topic uses the EIP of an ECS as an example to describe how to change the origin server IP address.
Typical causes
- If the IP address of an origin server has been attacked by hackers before the AAD service is configured, the origin server IP address has been exposed to attackers.
- Some attackers may record the IP addresses used by exposed origin servers. Even after AAD is configured, the attackers will bypass AAD and directly launch attacks towards the known IP addresses. In this case, it is best practice to change the IP addresses of the origin servers.
Figure 1 Typical causes
Solution
An ECS is used as an example. If the EIP of the ECS is exposed, you can reassign an unexposed EIP to the ECS to change the IP address of the origin server.
Figure 2 Mechanism
Procedure
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
in the upper left corner of the management console and choose Networking > Virtual Private Cloud. - In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs. The EIPs page is displayed.
- Locate the row containing the target EIP and click Unbind in the Operation column.
- Click OK.
- Assign another IP address for the ECS. Locate the row containing the target EIP and click Bind in the Operation column.
- Select the desired instance.
- Click OK.
Parent topic: Access Configuration
Access Configuration FAQs
- Can I Connect My Service System to AAD If It Is Not Running on HUAWEI CLOUD?
- How Do I Check Whether a Protected Domain Name Is Correctly Configured After I Connect It to AAD?
- What Can I Do When Message "Invalid request" Is Displayed When I Upload an HTTPS/WebSockets Certificate?
- How Do I Convert a Non-PEM Certificate into a PEM One?
- How Do I Enable Both AAD and WAF?
- How Do I Connect My Service System to AAD?
- How Is CNAME-based Access Implemented?
- How Does AAD Distribute Traffic When There Are Multiple Origin Servers?
- How Do I Check Whether a Back-to-Origin IP Address Has Been Whitelisted on My Origin Server?
- How Do I Change the Exposed IP Address of an Origin Server?
- How Do I Query the Back-to-Origin IP Address Range?
- Can I Migrate Enterprise Project Resources After Adding the Protected Domain Name?
- Can I Build My Own Anti-DDoS System Using HUAWEI CLOUD ECSs?
- How Do the AAD Blacklist and Whitelist Protect Customer's Servers?
- Do I Still Need to Configure the Blacklist and Whitelist in WAF Protection Policies After Configuring Them in DDoS Protection Policies?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
