Updated on 2024-12-24 GMT+08:00

Blocking Traffic to a Specified Port

If a destination port does not need to be accessible, you can set up a port blocking policy to block traffic from reaching it, thereby minimizing DDoS attack risks.

Enabling Port Blocking

  1. Log in to the management console.
  2. Select a region in the upper part of the page, click in the upper left corner of the page, and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS Service Center page is displayed.
  3. In the navigation pane on the left, choose Cloud Native Anti-DDoS Advanced > Protection Policies. The Protection Policies page is displayed.
  4. Click Create Protection Policy.
  5. In the displayed dialog box, set the policy name, select an instance, and click OK.

    Figure 1 Creating a policy

  6. In the row containing the target policy, click Set Protection Policy in the Operation column.
  7. In the Port Blocking configuration area, click Set.

    Figure 2 Port blocking configuration box

  8. In the Port Blocking dialog box, click Create Port ACL Rule.
  9. In the dialog box that is displayed, set the port ACL.

    Figure 3 Creating a port ACL rule

    Table 1 Port ACL parameters

    | Parameter | Description |
    |---|---|
    | Rule Name | Enter a rule name. |
    | Protocol | Protocol of the port to be blocked. TCP and UDP are supported. |
    | Port Type | Only Destination Port is supported. |
    | Start Port-End Port | Set the range of ports to be blocked. |
    | Action | Protection action after the port is blocked. Discard: Discard traffic destined for the port. |

  10. Click OK.
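
A way to plan the Start Port-End Port ranges before entering them in the console, shown as an added example that is not part of the original documentation or of the service itself. The dictionary keys mirror the Table 1 parameters (with the range split into two keys), the rule-name scheme and the sample ports are constructed, and a valid port range of 1-65535 is assumed.

```python
MAX_PORT = 65535            # assumption: valid destination ports are 1-65535
PROTOCOLS = ("TCP", "UDP")  # the two protocols Table 1 lists

def blocking_rules(required, protocol):
    """Return Discard rules covering every port that is NOT in `required`."""
    if protocol not in PROTOCOLS:
        raise ValueError(f"unsupported protocol: {protocol}")
    ports = sorted(set(required))
    if any(not 1 <= p <= MAX_PORT for p in ports):
        raise ValueError("port outside 1-65535")
    rules, start = [], 1
    for port in ports + [MAX_PORT + 1]:  # sentinel closes the last gap
        if port > start:
            rules.append({
                "Rule Name": f"block-{protocol.lower()}-{start}-{port - 1}",
                "Protocol": protocol,
                "Port Type": "Destination Port",
                "Start Port": start,
                "End Port": port - 1,
                "Action": "Discard",
            })
        start = port + 1
    return rules

def conflicts(rules, required):
    """Return (rule name, port) pairs where a rule would discard traffic
    destined for a port the service still needs."""
    return [(r["Rule Name"], p)
            for r in rules
            for p in sorted(required.get(r["Protocol"], ()))
            if r["Start Port"] <= p <= r["End Port"]]

if __name__ == "__main__":
    # Constructed sample: ports the protected service must keep reachable.
    required = {"TCP": {80, 443}, "UDP": {53}}
    plan = [r for proto in PROTOCOLS
            for r in blocking_rules(required[proto], proto)]
    for r in plan:
        print(f'{r["Rule Name"]:28} {r["Protocol"]} '
              f'{r["Start Port"]}-{r["End Port"]} {r["Action"]}')
    # A hand-written rule that overlaps required ports is reported here.
    manual = [{"Rule Name": "block-low", "Protocol": "TCP",
               "Start Port": 1, "End Port": 1024}]
    print("conflicts:", conflicts(plan + manual, required))
```

Running `conflicts` on a planned rule set before clicking OK catches a range that would cut off a port the service depends on.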

Follow-up Procedure

  • Locate the row that contains the target port and click Delete in the Operation column to delete the port blocking rule.
  • Locate the row that contains the target port and click Edit in the Operation column to edit the port blocking rule.