- What's New
- Service Overview
- User Guide
- Best Practices
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- What Is the Protection Capacity of Anti-DDoS?
- What Data Can Be Provided by Anti-DDoS?
- In Which Regions Is Anti-DDoS Available?
- What Is the Maximum Protection Capacity Provided by HUAWEI CLOUD Anti-DDoS for Free?
- Which Services Can Use Anti-DDoS?
- Can Anti-DDoS Be Used Across Clouds?
- How to Determine Whether an Attack Occurs?
-
About Basic Functions
- What Are Regions and AZs?
- What Is the HTTP Request Threshold Set for Anti-DDoS Protection?
- What Would Happen When I Am Under a DDoS Attack Exceeding 500 Mbit/s?
- Which Types of Attacks Does Anti-DDoS Mitigate?
- What Should I Do If My Service Is Frequently Attacked?
- What Is the Difference Between ELB Protection and ECS Protection?
- Why Is the Number of Times of Cleaning Different from the Number of Attacks for the Same Public IP Address?
- Is Anti-DDoS Enabled by Default?
- Does Anti-DDoS Protect a Region or a Single IP Address?
- Do I Need to Clear the Resources of Anti-DDoS When I Delete an Account?
- How Do I View the Traffic Cleaning Frequency?
- How Can I View Anti-DDoS Protection Statistics?
- How Can I View Public IP Address Monitoring Data in Anti-DDoS?
- How Can I View an Interception Report?
- Can I Disable Anti-DDoS Completely?
- How Do I Check Whether the Inbound Traffics Are Routed Through Anti-DDoS Devices?
- About Threshold and Black Hole
- About Alarm notification
- Change History
-
About Anti-DDoS
- Glossary
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
- Change History
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- API Overview
- API Calling
-
API
-
Anti-DDoS APIs
- Querying Optional Anti-DDoS Defense Policies
- Querying Configured Anti-DDoS Defense Policies
- Updating Anti-DDoS Defense Policies
- Querying Anti-DDoS Tasks
- Querying the List of Defense Statuses of EIPs
- Querying the Defense Status of a Specified EIP
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying Weekly Defense Statistics
- Alarm Reminding APIs
-
Anti-DDoS APIs
- Appendix
- Change History
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
- Change History
-
API Reference (Kuala Lumpur Region)
- Before You Start
- API Overview
- API Calling
-
API
-
DDoS Protection Management
- Querying the List of Defense Statuses of EIPs
- Querying Anti-DDoS specifications
- Querying Weekly Defense Statistics
- Querying Configured Anti-DDoS Defense Policies
- Enabling Anti-DDoS
- Updating Anti-DDoS Defense Policies
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying the Defense Status of a Specified EIP
- Anti-DDoS Task Management
- Alarm Configuration Management
-
DDoS Protection Management
- Status Code
- Anti-DDoS Error Codes
- Obtaining a Project ID
- Change History
-
User Guide (Ankara Region)
- Service Overview
- Enabling Anti-DDoS
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
- Change History
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- API Calling
-
API
-
Anti-DDoS APIs
- Querying Optional Anti-DDoS Defense Policies
- Enabling Anti-DDoS
- Querying Configured Anti-DDoS Defense Policies
- Updating Anti-DDoS Defense Policies
- Querying Anti-DDoS Tasks
- Querying the List of Defense Statuses of EIPs
- Querying the Defense Status of a Specified EIP
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying Weekly Defense Statistics
- Alarm Reminding APIs
-
Anti-DDoS APIs
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Copied.
Setting a Default Protection Policy for Newly Purchased Public IP Addresses
In the Set Default Protection Policy dialog box, you can select Manual for Protection Settings and set the default protection policy. The new public IP addresses you purchase from HUAWEI CLOUD will be protected against DDoS attacks based on your configured default protection policy
If you want to disable the default protection policy, you can select Default for Protection Settings in the Set Default Protection Policy dialog box.
If you do not set a default protection policy for the newly purchased public IP addresses, the Protection Settings in Default mode apply to the IP addresses. The value of Traffic Cleaning Threshold is 120 Mbps and CC Defense is disabled if you select Default for Protection Settings in the Set Default Protection Policy dialog box.
Prerequisites
You have obtained an account and its password for logging in to the management console.
Manually Setting a Default Protection Policy
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project.
- Click
in the upper left corner of the page and choose Security & Compliance > Anti-DDoS.
- Select the Public IP Addresses tab and click Set Default Protection Policy.
Figure 1 Setting a default protection policy for newly purchased public IP addresses
- In the displayed dialog box, select Manual for Protection Settings.
Figure 2 Manually configuring the default protection policy
- Configure Traffic Cleaning Threshold and CC Defense.
Table 1 Parameter description Parameter
Description
Traffic Cleaning Threshold
Anti-DDoS scrubs traffic when detecting that the incoming traffic of an IP address exceeds the threshold.
You can set the traffic cleaning threshold based on based on your expected traffic volume. Set the threshold to a value closest to the purchased bandwidth but not greater than the purchased bandwidth.
NOTE:
If service traffic triggers scrubbing, only attack traffic is intercepted. If service traffic does not trigger scrubbing, no traffic is intercepted.
Set this parameter based on the actual service access traffic.
CC Defense
- Disable: disables the defense.
- Enable: enables the defense.
NOTE:
CC defense is available only for clients that carry web services and support the full HTTP protocol stack. CC defense works in redirection or redirection+verification code mode. If your client does not support the full HTTP protocol stack, you are advised to disable CC defense.
HTTP Request Threshold
This parameter is required only when CC Defense is set to Enable.
This parameter is used to defend against a large number of malicious requests targeting websites. Defense against CC attacks, which aim to exhaust server resources by sending specially crafted GET or POST requests, is triggered when the HTTP request rate on a site reaches the selected value. In EIP protection, the maximum recommended value is 5000. In ELB protection, the value can be larger.
Set this parameter to the maximum number of HTTP requests that can be processed by the deployed service. Anti-DDoS will automatically scrub traffic if detecting that the total number of requests exceeds the configured HTTP request threshold. If the value is too large, CC defense will not be triggered promptly.
- Click OK.
After you set the default protection policy, the newly purchased public IP addresses are protected based on the configured policy. For details about how to adjust a configured protection policy, see Configuring an Anti-DDoS Protection Policy.
Disabling the Default Protection Policy Manually Configured for Newly Purchased IP Addresses
If you do not want the manually configured protection policy to apply to the new public IP addresses, you can disable it. Then, the Protection Settings in Default mode apply to the new IP addresses.
- Click
in the upper left corner of the page and choose Security & Compliance > Anti-DDoS.
- Select the Public IP Addresses tab and click Set Default Protection Policy.
Figure 3 Setting a default protection policy for newly purchased public IP addresses
- Select Default for Protection Settings in the Set Default Protection Policy dialog box.
The value of Traffic Cleaning Threshold is 120 Mbps and CC Defense is disabled.Figure 4 Disabling the default protection policy manually configured for newly purchased IP addresses
- Click OK.
The Protection Settings in Default mode will apply to the new public IP addresses.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot