Connection Attack Protection

Last updated: 2021-09-18 15:19:42

    Anti-DDoS can automatically trigger blocking policies when it detects abnormal connections. With Maximum Source IP Exceptional Connections enabled, a source IP that frequently sends a large number of messages about abnormal connection status will be detected and added to the blocklist. The source IP is blocked for 15 minutes, after which it can access the service again. You can set the following configurations as needed:

    Note:

    • Source New Connection Rate Limit: limits the rate of new connections from source ports.
    • Source Concurrent Connection Limit: limits the number of active TCP connections from source addresses at any one time.
    • Destination New Connection Rate Limit: limits the rate of new connections to destination IP addresses and destination ports.
    • Destination Concurrent Connection Limit: limits the number of active TCP connections to destination IP addresses at any one time.
    • Maximum Source IP Exceptional Connections: limits the maximum number of abnormal connections from source IP addresses.
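
The per-source limits above can be modelled as follows. This is an added example, not Anti-DDoS code or the product's algorithm: the `SourceGuard` class, the event kinds, the one-second rate window and every threshold are assumptions, and only the 15-minute block duration comes from this page.

```python
from collections import defaultdict, deque

BLOCK_SECONDS = 15 * 60  # block duration stated on the page

class SourceGuard:
    """Toy model. Thresholds and event kinds (open/close/abnormal) are assumptions."""
    def __init__(self, new_rate=2, concurrent=3, max_exceptional=2, window=1.0):
        self.new_rate, self.concurrent = new_rate, concurrent
        self.max_exceptional, self.window = max_exceptional, window
        self.recent = defaultdict(deque)     # src -> times of recent new connections
        self.active = defaultdict(int)       # src -> currently open connections
        self.exceptional = defaultdict(int)  # src -> abnormal-connection count
        self.blocked_until = {}              # src -> time the block is lifted

    def on_event(self, ts, src, kind):
        if self.blocked_until.get(src, 0) > ts:
            return "drop:blocklisted"
        if self.blocked_until.pop(src, None) is not None:  # block has expired
            self.exceptional[src] = 0
        if kind == "close":
            self.active[src] = max(0, self.active[src] - 1)
            return "ok"
        if kind == "abnormal":
            self.exceptional[src] += 1
            if self.exceptional[src] > self.max_exceptional:
                self.blocked_until[src] = ts + BLOCK_SECONDS
                return "blocklist"
            return "ok"
        q = self.recent[src]                   # kind == "open"
        while q and ts - q[0] >= self.window:  # slide the rate window
            q.popleft()
        if len(q) >= self.new_rate:
            return "drop:new-rate"
        if self.active[src] >= self.concurrent:
            return "drop:concurrent"
        q.append(ts)
        self.active[src] += 1
        return "allow"

A, B = "198.51.100.7", "203.0.113.9"  # constructed sources (documentation ranges)
EVENTS = [(0.0, A, "open"), (0.1, A, "open"), (0.2, A, "open"), (1.5, A, "open"),
          (3.0, A, "open"), (4.0, B, "abnormal"), (4.1, B, "abnormal"),
          (4.2, B, "abnormal"), (5.0, B, "open"), (904.0, B, "open"), (905.0, B, "open")]

def replay(events, **limits):
    guard = SourceGuard(**limits)
    return [guard.on_event(*e) for e in events]

print(replay(EVENTS))
```

Replaying your own baseline traffic through a model like this with candidate thresholds shows which legitimate sources a given limit would drop before you enable it in the console.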

    Prerequisites

    You have purchased an Anti-DDoS Advanced instance and set the object to protect.

    Directions

    1. Log in to the Anti-DDoS Advanced Console and select Anti-DDoS Advanced (New) > Configurations on the left sidebar.
    2. Select an Anti-DDoS Advanced instance ID in the list on the left, such as "xxx.xx.xx.xx bgpip-000003n2".
    3. Click Set in the Connection Attack Protection section to open the configuration page.
    4. Click Create.
    5. In the pop-up window, enable the protection and click OK.
    6. Now the new rule is added to the list. You can click Configuration on the right of the rule to modify it.