Updated on 2024-12-24 GMT+08:00

Protection Policy Overview

AAD provides various protection policies. After purchasing an instance, you can select an appropriate protection policy based on service requirements. For details, see Table 1.

If a protection policy is configured incorrectly, attacks may not be blocked or traffic may be scrubbed incorrectly. Exercise caution when configuring protection policies.

Table 1 Protection policies

| Protection Scenario | Protection Policy | Section | Description |
| --- | --- | --- | --- |
| Basic attack protection | Basic web protection | Enabling Basic Web Protection | Once this function is enabled, you can use the layer-7 CC attack protection capabilities provided by AAD. Additionally, if you need to add multiple domain names whose origin server type is IP address to AAD, ensure that this function is also enabled. |
| DDoS attack protection | Blacklist and whitelist | Blocking or Allowing Traffic From Specified IP Addresses Using a Blacklist and Whitelist | Configure an IP address blacklist or whitelist to block or allow source IP addresses that access AAD, thereby controlling which users can access your service resources. |
| DDoS attack protection | Protocol-based access block | Blocking Traffic of a Specified Protocol | You can use the traffic control rules to allow or block UDP traffic or Traffic Outside Chinese Mainland that accesses your AAD instances. |
| DDoS attack protection | Geo-Blocking | Blocking Traffic From Specified Locations | AAD can block traffic from specified geographic regions. Once the policy is in effect, access traffic from the designated region will be discarded. |
| Web CC protection | Intelligent CC | Using Intelligent CC Policies to Defend Against CC Attacks | Automated defense against CC attacks with security rules generated by WAF. If you enable intelligent access control, it takes 10 to 15 minutes for WAF to learn how much traffic your website can handle and generate a rule for you. |
| Web CC protection | Frequency control rules | Mitigating CC Attacks Using Frequency Control Policies | You can establish a frequency control rule to restrict the access frequency of a single IP address, cookie, or referer to the source end of the protected website, thereby effectively mitigating CC attacks. |