Configuring a Blacklist and a Whitelist

Scenarios

You can set whitelists and blocklists on your AAD instances to block or allow access requests from specified IP addresses.

Procedure

Log in to the management console.
Select a region in the upper part of the page, click in the upper left corner of the page, and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS Service Center page is displayed.
In the navigation pane on the left, choose Advanced Anti-DDoS > Protection Policies. The Protection Policies page is displayed.

Figure 1 Advanced Anti-DDoS protection policies
Select the instance for which you want to configure a blacklist or whitelist.
Configure a blacklist and a whitelist.
- Configuring a Blacklist
  1. In the Blacklist and Whitelist configuration area, click Create whitelist/blacklist rules.
  2. Select the IP Blacklist tab and click Add.
  3. In the displayed dialog box, enter the IP addresses or IP ranges to be blocked.
    Figure 2 Adding blacklisted IP addresses
    
    A maximum of 100 IP addresses can be added to the blacklist of an instance, and IP addresses in the blacklist will be blocked.
  4. Click OK.
    On the IP Blacklist page, click Delete in the Operation column or select the blacklisted IP addresses to be deleted and click Delete to delete IP addresses in batch. Deleted IP addresses will not be blocked.
- Configuring an IP whitelist
  1. Select the IP Whitelist tab and click Add.
  2. In the displayed dialog box, enter the IP addresses or IP ranges to be permitted.
    Figure 3 Adding whitelisted IP addresses
    
    A maximum of 100 IP addresses can be added to the whitelist of an instance. IP addresses in the whitelist are permitted.
  3. Click OK.
    On the IP Whitelist page, click Delete in the Operation column or select the whitelisted IP addresses to be deleted and click Delete to delete IP addresses in batch. After an IP address is deleted from the whitelist, the device will not directly permit traffic from this IP address.