Anti-DDoS supports watermark protection for the messages sent by the application end. Within the range of the UDP and TCP message ports configured, the application end and Anti-DDoS share the same watermark algorithm and key. After the configuration is completed, every message sent from the client will be embedded with the watermark while attack messages will not, so that the attack messages can be identified and discarded. Watermark protection can effectively and comprehensively defend against layer-4 CC attacks, such as analog business packet attacks and replay attacks.
Purchase an Anti-DDoS Advanced instance and set the object to be protected.
- Log in to the Anti-DDoS console and click Anti-DDoS Advanced (New) -> Configurations on the left sidebar.
- Select the ID or port of a protected IP from the left list, e.g., 212.64.xx.xx bgpip-000002jt or 119.28.xx.xx bgpip-000002ju -> tcp:8000. Click Set in the Watermark Protection section to enter the watermark protection list.
- Click Create.
- In the pop-up window, fill in the configuration fields and click OK.
- Now the new watermark protection rule is added to the list, and you can click Key Configuration to view and configure a key.
- You can view and copy the key.
- You can also add or delete a key on the key configuration page. A key can be deleted if you have another key. Up to two watermark keys can be created.