Black Hole Policies of Alibaba Cloud Security
DDoS attacks severely impair not only victims, but also the entire cloud network. Besides, DDoS defense costs a lot, the biggest among which is the bandwidth cost.
Alibaba Cloud purchases bandwidth from ISPs. ISPs will not clean out DDoS attack traffic when calculating the bandwidth cost, but will directly charge Alibaba Cloud on the consumed bandwidth.
Alibaba Cloud Security potentially defends against DDoS attacks for Alibaba Cloud users free of charge at a limited cost, but when the attacking traffic exceeds the threshold, Alibaba Cloud will block the traffic to the IP address under attack.
You can check the current DDoS mitigation capacity of your ECS, SLB, or EIP instances here.
And you can join up our Security Credibility plan for free to get an extra DDoS mitigation capacity based on your security credibility score.
See Check security credit details to learn the scoring criteria of the security credibility score and take the initiative to improve it. By improving your credibility score, you can get more extra DDoS mitigation capacity.
Related Blog Posts
How to Protect Your Websites from HTTP(S) Flood
In this guide, you will get information on how to guard your website from HTTP(S) flood attacks with protection modes on Anti-DDoS Pro.
By default, your domain protected by the Anti-DDoS Pro instance uses the Normal HTTP flood protection mode. You can change the mode as you needed.
- Log on to the Anti-DDoS Pro console.
- Go to Protection > Setting > Web Attack Protection page, select Instance, and select Domain.
- Locate the HTTP Flood Protection area, click to select the defense mode.
DDoS Attacks Analysis and Prevention
In this article, you will get some information on some ddos attacks analysis and how to protect your server from ddos attacks.
- the best practices for provisioning your Ubuntu 16.04 server hosted on an Alibaba Cloud Elastic Compute Service (ECS) instance
- the importance of IoT device security by looking at CERT’s interpretation of the infamous 2016 DDoS attack
- the analysis of scanning and intrusion script for DockerKiller Threat
Related Documentation
Alibaba Cloud Security Anti-DDoS Pro service is an attack protection service designed by the Alibaba Cloud research and development team.
Anti-DDoS Pro provides DDoS, HTTP flood, and WAF protection services, and is capable to defend against three to seven layers of DDoS attacks such as SYN flood, UDP flood, ACK flood, ICMP flood, DNS query flood, NTP reply flood, HTTP flood attack, and Web application attacks.
Alibaba Cloud black hole policies
This topic explains the black hole policy of Alibaba Cloud Security.
The black hole is a service that Alibaba Cloud purchases from the operator who imposes strict restrictions on the time and frequency to lift the black hole. The black hole state cannot be manually deactivated. Thus, you must patiently wait for the system to auto unban the server.
Related Products
Anti-DDoS Pro is a value-added service used to protect servers, including external servers hosted in Mainland China, against volumetric DDoS attacks. You can redirect attack traffic to Anti-DDoS Pro to ensure the stability and availability of origin sites.
Alibaba Cloud Anti-DDoS Premium is a value-added DDoS protection service. This service is used to protect servers against volumetric DDoS attacks and ensure the availability of business. By modifiying DNS records to redirect malicious traffic through Anti-DDoS Premium’s dedicated IP address, Anti-DDoS Premium, protects your online presence.
