Blocking or Allowing Traffic From Specified IP Addresses Using a Blacklist and Whitelist

Configuring a Blacklist and a Whitelist

1. Log in to the management console.
2. Select a region in the upper part of the page, click in the upper left corner of the page, and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS Service Center page is displayed.
3. In the navigation pane on the left, choose Advanced Anti-DDoS > Protection Policies. The Protection Policies page is displayed.
   Figure 1 Advanced Anti-DDoS protection policies
   

4. Select the instance for which you want to configure a blacklist or whitelist.
5. Configure a blacklist and a whitelist.
   • Configuring a Blacklist
     1. In the Blacklist and Whitelist configuration area, click Create whitelist/blacklist rules.
     2. Select the IP Blacklist tab and click Add.
     3. In the displayed dialog box, enter the IP addresses or IP ranges to be blocked.
        Figure 2 Adding blacklisted IP addresses
        
        

        A maximum of 100 IP addresses can be added to the blacklist of an instance, and IP addresses in the blacklist will be blocked.

     4. Click OK.

        On the IP Blacklist page, click Delete in the Operation column or select the blacklisted IP addresses to be deleted and click Delete to delete IP addresses in batch. Deleted IP addresses will not be blocked.

   • Configuring an IP whitelist
     1. Select the IP Whitelist tab and click Add.
     2. In the displayed dialog box, enter the IP addresses or IP ranges to be permitted.
        Figure 3 Adding whitelisted IP addresses
        
        

        • IP addresses/ranges should be separated by commas (,) and must be unique. The number of IP addresses/ranges cannot exceed the remaining quota.
        • The mask length of an IPv4 address must be at least 16 bits, and for an IPv6 address, it must be at least 64 bits. Only one subnet segment can be configured at a time.
     3. Click OK.

        On the IP Whitelist page, click Delete in the Operation column or select the whitelisted IP addresses to be deleted and click Delete to delete IP addresses in batch. After an IP address is deleted from the whitelist, the device will not directly permit traffic from this IP address.