IP Access Frequency
You can restrict the number of times that a single IP address requests a URL from a PoP per second to defend against CC attacks and malicious theft.
Precautions
- Restricting the IP access frequency can effectively defend against CC attacks, but it may affect normal access.
- When the threshold is reached, CDN returns status code 403. The restriction is removed 10 minutes later.
- By default, this function is disabled.
Procedure
-
Log in to Huawei Cloud console. Choose .
The CDN console is displayed.
- In the navigation pane, choose .
- In the domain list, click the target domain name or click Configure in the Operation column.
- Click the Access Control tab and turn on the IP Access Frequency switch.
Figure 1 IP access frequency
- Set Access Threshold and click OK.
- When the number of times that a single IP address accesses a single URL via a PoP per second reaches the threshold, CDN returns status code 403 to the client. The restriction is removed 10 minutes later.
- If you change Access Threshold within the restriction duration, the change takes effect after the restriction is removed.
- Turn off the IP Access Frequency switch to disable it.
Example
Configuration: You have restricted the IP access frequency of domain name www.example.com to 10,000 requests/second.
Condition for triggering IP access frequency restriction: The number of times that an IP address requests a URL from a PoP per second reaches 10,000.
Example: A client's IP address is 0.0.0.0. This client accesses https://www.example.com/abc.jpg for 10,000 times within 1 second, triggering the access frequency restriction. When the client accesses this URL again, the request is blocked and status code 403 is returned. The restriction is removed 10 minutes later.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot