By default, your domain protected by the Anti-DDoS Pro instance uses the Normal HTTP flood protection mode. You can change the mode as you needed.
- Log on to the Anti-DDoS Pro console.
- Go to Protection > Setting > Web Attack Protection page, select Instance, and select Domain.
- Locate the HTTP Flood Protection area, click to select the defense mode.
Custom HTTP Flood Protection Rule
Anti-DDoS Pro also supports custom HTTP flood protection rules for you to customize precise HTTP flood defense rules. You can configure defense rules for specific URLs with this functionality.
Go to the Web Attack Protection page of your protected domain, locate the HTTP Flood Protection area, enable custom HTTP flood protection rules, and then click Settings to set custom defense rules for specific URLs.
Best Practice for HTTP Flood Protection Settings
The sequence of defense effects with these four HTTP flood protection modes is: Very High > High > Attack emergency > Normal. Meanwhile, the possibility of false positives with these four HTTP flood protection modes is Very High > High > Attack emergency > Normal.
And Attack emergency mode has relatively strict policies and can guard against more complex and sophisticated HTTP flood attacks. However, it may block a small part of normal requests.
Generally, we recommend that you use the Normal HTTP flood protection mode for your protected domain. This mode uses relative loose defense policies, and only IPs with large access frequency are blocked. We recommend that you switch to the Emergency attack mode or the High mode when the Normal mode fails to deliver satisfactory performance or the website is under severe HTTP flood attacks. Do not forget to switch back to the normal mode after the attack is over.
Related Blog Posts
In this article, I’ll show you how to use Alibaba Cloud’s Anti-DDoS Premium to protect your critical assets against DDoS attacks. I’ll also show you how to accelerate access for Mainland China users to your application hosted outside Mainland China, such as Singapore and Hong Kong, with the new Mainland China Acceleration (MCA) service.
In this article, you will get some information on some ddos attacks analysis and how to protect your server from ddos attacks.
- the best practices for provisioning your Ubuntu 16.04 server hosted on an Alibaba Cloud Elastic Compute Service (ECS) instance
- the importance of IoT device security by looking at CERT’s interpretation of the infamous 2016 DDoS attack
- the analysis of scanning and intrusion script for DockerKiller Threat
Anti-DDoS Pro provides four defense modes against HTTP(S) flood attacks. In this guide, you will get some information on how to guard your websites from HTTP(S) flood attacks.
In cases where compliance or high availability is required, you can deploy a multi-line Anti-DDoS Pro instance to pass traffic back to different origin sites, based on the type of line. For example, you can enable the China Telecom line of your Anti-DDoS Pro instance for a China Telecom origin, and the China Unicom line for a China Unicom origin. This topic describes the configuring method in the Anti-DDoS console.
Anti-DDoS Pro is a value-added service used to protect servers, including external servers hosted in Mainland China, against volumetric DDoS attacks. You can redirect attack traffic to Anti-DDoS Pro to ensure the stability and availability of origin sites.
Alibaba Cloud Anti-DDoS Premium is a value-added DDoS protection service. This service is used to protect servers against volumetric DDoS attacks and ensure the availability of business. By modifiying DNS records to redirect malicious traffic through Anti-DDoS Premium’s dedicated IP address, Anti-DDoS Premium, protects your online presence.