What should I do if the IP protected by Anti-DDoS is blocked?
Each user has three chances of manual unblocking every day. The system resets the chance counter daily at 00:00 midnight. Unused chances will not be carried over to the next day.
If the manual unblocking chances are used up:
If you haven't purchased any Anti-DDoS service, we recommend you purchase Anti-DDoS Pro. Then, you can perform unblocking when binding devices for the first time.
If you have already purchased Anti-DDoS, we recommend you upgrade your protection package so that you can perform unblocking earlier.
Why is my IP blocked?
Tencent Cloud reduces the costs of cloud services by sharing the infrastructure, with one public IP shared by many users. When a high-traffic attack occurs, the entire Tencent Cloud network may be affected, not only the target servers. To protect other users and ensure network stability, the target server IP needs to be blocked.
How long will blocking last?
An attacked IP is blocked for two hours by default. The actual duration can be up to 24 hours depending on how many times the IP is blocked and how high the peak attack bandwidth is.
The blocking duration is subject to the following factors:
Continuity of the attack: The blocking duration will extend if an attack continues. Once the duration extends, a new blocking cycle will start.
Frequency of the attack: Users who are frequently attacked are more likely to be attacked continuously. In such a case, the blocking duration extends automatically.
Traffic volume of the attack: The blocking duration extends automatically in case of ultra-large volume of attack traffic.
Note:
For IPs that are blocked extra frequently, Tencent Cloud reserves the right to extend the duration and lower the threshold.
Why can't I unblock my IP immediately?
A DDoS attack usually does not stop immediately after the target IP is blocked and the attack duration varies. Tencent Cloud security team sets the default blocking duration based on big data analysis.
Since IP blocking takes effect in the ISP's network, Tencent Cloud is unable to monitor whether the attack traffic has stopped after the attacked IP is blocked. If the IP is recovered while the attack is still going on, the IP will be blocked again. During the gap between the recovery and re-blocking, Tencent Cloud's classic network will be exposed to the attack traffic, which may affect other Tencent Cloud users. In addition, IP blocking is a service Tencent Cloud purchases from ISPs with limitations on the number of times and the frequency of unblocking.
Why is there a limit on the number of times of manual unblocking? What are the restrictions?
Tencent Cloud pays ISPs for blocking attacked IPs, and ISPs impose limits on the number of times and frequency of unblocking.
Each Anti-DDoS user has three chances of manual unblocking every day. The system resets the chance counter daily at 00:00 midnight. Unused chances will not be carried over to the next day.
This limit also applies to Anti-DDoS Pro (Light) users, who can only use the three chances to unblock Lighthouse resources.
Can I change the server IP if it is blocked?
You can change the server IP only after it is unblocked.
We don't recommend you change the server IP immediately after your server is blocked due to DDoS attacks. Changing the server IP does not eliminate the risk of your server being hit by DDoS attacks. Frequent IP changes will impact the detection and analysis of the backend protection system and the stability of the cloud platform. Therefore, if your business suffers DDoS attacks, we recommend you use Anti-DDoS products to enhance your business's protection capabilities against DDoS attacks.
Was this page helpful?