Anti-DDoS Pro supports the CC protection function. When the HTTP request amount calculated by Anti-DDoS Pro exceeds the set HTTP Request Threshold, CC protection is automatically triggered. Meanwhile, Anti-DDoS Pro supports URL whitelist, IP whitelist, and IP blacklist policies:
You can custom the protection policy according to the features and protection needs of your business to block CC attacks more accurately.
Log in to Anti-DDoS Console and choose Anti-DDoS Pro -> Protection Configuration. On the CC Protection tab, select the target region and Anti-DDoS Pro instance to configure CC protection.
Click next to CC Protection to enable it.
Click the drop-down list right to the HTTP Request Threshold to select a proper threshold.
Click Add Access Control Policy, and then set the following parameters according to the actual business demand in the Add Access Control Policy pop-up box. Click OK to complete the configuration.
The custom policy takes effect only when Anti-DDoS Pro is under attack.
Match mode: Each custom policy may have up to 4 conditions for feature control, and these conditions have “and” relation, which means all conditions must be matched before the policy takes effect.
Speed limit mode: Each custom policy only allows for setting 1 policy condition.
Enter policy name, which consists of 1-20 characters. Character type is not restricted.
User-Agentfrom HTTP messages. The combination logic includes contain, not contain, and equal to. You can set up to 4 policy conditions for feature control as described below:
|host||Domain name of the access request||contain, not contain, equal to|
|CGI||URL of the access request||contain, not contain, equal to|
|Referer||Source website of the access request, which means at which webpage the access request is generated||contain, not contain, equal to|
|User-Agent||Information like browser identifier of the requester client||contain, not contain, equal to|
Click URL Whitelist, IP Whitelist, or IP Blacklist tab for blacklist/whitelist configuration. Addition and deletion are allowed.
When you add a URL to the Anti-DDoS Pro whitelist, the HTTP protocol header is optional. But Anti-DDoS Pro supports only HTTP protocol. Example: