Overview
EdgeOne supports one-click blocking of source traffic to the site by protocol type. You can configure ICMP protocol blocking, TCP protocol blocking, UDP protocol blocking, and other protocol blocking. After the configuration is complete, when the attack traffic is detected with related Access request, it will be directly truncated.
Note:
This function is only supported when the L4 proxy is enabled with Exclusive DDoS protection, and it is not supported by the default platform protection and Exclusive DDoS protection for L7 sites.
Usage Scenarios
When your website does not have a specified access protocol, you can block the specified protocol with one-click blocking, and directly filter the access requests of the corresponding protocol during traffic cleaning to prevent the corresponding requests from being transparently transmitted to the origin.
Note:
Due to the connectionless nature of the UDP protocol (unlike TCP, which has a three-way handshake process), it has a natural security flaw. If you do not have UDP business, it is suggested to block the UDP protocol.
Directions
For example, for all business domains under the site example.com
, only TCP protocol connections are open to the outside, and other protocol requests are blocked. The operation steps are as follows:
1. Log in to the EdgeOne console, click on the site list in the left menu bar, click on the site to be configured in the site list, and enter the site details page. 2. On the site details page, click on security protection > DDoS protection to enter the DDoS protection details page.
3. In the L4 proxy protection tab, select the L4 proxy protection instance that needs to be configured, and click on Security configuration.
4. In the protocol blocking card, click on the set to enter the protocol blocking page.
5. On the protocol blocking page, click on the switch of the required protocol blocking, in this scenario, turn on the ICMP protocol, UDP protocol blocking, and other protocol blocking switches. Once enabled, the rule will take effect immediately, and the corresponding protocol requests will be blocked.
Was this page helpful?