tencent cloud

Anti-DDoS supports watermark protection for the messages sent by the application end. Within the range of the UDP and TCP message ports configured, the application end and Anti-DDoS share the same watermark algorithm and key. After the configuration is completed, every message sent from the client will be embedded with the watermark while attack messages will not, so that the attack messages can be identified and discarded. Watermark protection can effectively and comprehensively defend against layer-4 CC attacks, such as analog business packet attacks and replay attacks.

Prerequisites

You have purchased an Anti-DDoS Advanced instance and set the object to protect.

Note：

This feature is a paid service. Please contact us for activation.

Directions

1. Log in to the Anti-DDoS console and select Anti-DDoS Advanced (New) > Configurations on the left sidebar. Open the DDoS Protection tab.
2. Select an Anti-DDoS Advanced instance ID in the list on the left, such as "bgpip-xxxxxx".
   
3. Click Set in the Watermark Protection section.
   
4. Click Create.
5. In the pop-up window, fill in the configuration fields and click OK.
   
6. After the rule is created, it is added to the list. You can click Key Configuration to view and configure a key.
   
7. You can view and copy the key.
   
8. You can also add or delete a key on the key configuration page. A key can be deleted if you have another key. Up to two watermark keys can be created.