This topic lists frequently asked questions about Alibaba Cloud Anti-DDoS Pro and Anti-DDoS Premium. CategoryQuestionPre-sales FAQDoes Alibaba Cloud Anti-DDoS provide free services? Can Anti-DDoS Pro and Anti-DDoS Premium be billed only when they mitigate DDoS attacks? Does Anti-DDoS have trial mitigation plans? Can Anti-DDoS Pro and Anti-DDoS Premium protect servers that are not deployed on Alibaba Cloud? Can Anti-DDoS Pro and Anti-DDoS Premium protect servers that are not deployed on Alibaba Cloud but have domain names registered with Alibaba Cloud? Is ICP filing required for domain names that you want Anti-DDoS Pro or Anti-DDoS Premium to protect? What are the regions supported by Anti-DDoS Pro and Anti-DDoS Premium? Do Anti-DDoS Pro and Anti-DDoS Premium have limits on the number of protected domains? Do Anti-DDoS instances support wildcard domains? What are the limits for the ports that can be added to Anti-DDoS Pro? What are the prerequisites for activating Anti-DDoS Premium? Does the basic protection bandwidth provided by Anti-DDoS Pro apply to all traffic or only attack traffic? FAQ about the billing of burstable protectionIf no attacks are detected, are burstable protection fees charged? If I purchase an Anti-DDoS instance with a basic protection bandwidth of 20 Gbit/s and a burstable protection bandwidth of 50 Gbit/s, what is the maximum mitigation capacity? What happens if the size of DDoS attacks exceeds the burstable protection bandwidth? If the basic protection bandwidth is 30 Gbit/s, the burstable protection bandwidth is 50 Gbit/s, and the size of DDoS attacks is 45 Gbit/s, how is burstable protection charged? Can I change the burstable protection bandwidth from 100 Gbit/s to 200 Gbit/s? If the basic protection bandwidth of 30 Gbit/s provided by the Anti-DDoS Pro instance cannot meet my requirements, can I increase the protection bandwidth anytime? If an IP address is attacked multiple times in a day, how is the mitigation fee calculated? How do I prevent an Anti-DDoS Pro instance from providing burstable protection? FAQ about Anti-DDoS Pro and Anti-DDoS PremiumWhat happens if an Anti-DDoS Pro or Anti-DDoS Premium instance expires? What is the clean bandwidth of an Anti-DDoS Pro or Anti-DDoS Premium instance?What happens if the traffic volume exceeds the clean bandwidth of an Anti-DDoS Pro or Anti-DDoS Premium instance? Can I manually deactivate blackhole filtering? What are the back-to-origin CIDR blocks of an Anti-DDoS Pro or Anti-DDoS Premium instance? Are the back-to-origin CIDR blocks of an Anti-DDoS Pro or Anti-DDoS Premium instance automatically added to a whitelist? Can I use an internal IP address as the IP address of the origin server for an Anti-DDoS Pro or Anti-DDoS Premium instance? I have changed the IP address of the origin server for an Anti-DDoS Pro or Anti-DDoS Premium instance. Does the change immediately take effect? How do I identify which website is under attack when multiple websites are protected by an Anti-DDoS Pro or Anti-DDoS Premium instance? Do Anti-DDoS Pro and Anti-DDoS Premium support the health check feature? How is traffic distributed to multiple origin servers that are protected by an Anti-DDoS Pro or Anti-DDoS Premium instance? Can I configure session persistence in the Anti-DDoS Pro or Anti-DDoS Premium console? How does session persistence work for an Anti-DDoS Pro or Anti-DDoS Premium instance? What is the default TCP timeout period for an Anti-DDoS Pro or Anti-DDoS Premium instance? What are the default HTTP and HTTPS timeout periods for an Anti-DDoS Pro or Anti-DDoS Premium instance? Do Anti-DDoS Pro and Anti-DDoS Premium support IPv6? Do Anti-DDoS Pro and Anti-DDoS Premium support WebSocket? Do Anti-DDoS Pro and Anti-DDoS Premium support mutual HTTPS authentication? Why am I unable to access HTTPS websites by using a browser of an earlier version or from an Android mobile client? Which SSL protocols and cipher suites are supported by Anti-DDoS Pro and Anti-DDoS Premium? How do Anti-DDoS Pro and Anti-DDoS Premium ensure the security of an uploaded certificate and its private key? Does WAF decrypt HTTPS traffic and record the content of HTTPS requests? What are the limits on the numbers of ports and domain names that can be protected by an Anti-DDoS Pro or Anti-DDoS Premium instance? Why does the traffic chart show a traffic scrubbing event even though the volume of the traffic received by the server does not exceed the traffic scrubbing threshold? Can Anti-DDoS Pro and Anti-DDoS Premium protect websites that use NTLM authentication? Hot issues about Anti-DDoS Pro and Anti-DDoS PremiumConfigurationHow do I configure Anti-DDoS Pro or Anti-DDoS Premium by using different Alibaba Cloud accounts?How do I enable WebSocket?What are the proactive detection IP addresses of Anti-DDoS Pro and Anti-DDoS Premium?Service exceptionHow do I handle the issues of slow response, high latency, and access failure on my service that is protected by an Anti-DDoS Pro or Anti-DDoS Premium instance?How do I resolve error 502 on websites protected by Anti-DDoS Pro or Anti-DDoS Premium?How do I resolve the "504 Gateway Timeout" error on websites protected by Anti-DDoS Pro or Anti-DDoS Premium?How do I handle slow connection establishment after I configure Anti-DDoS Pro or Anti-DDoS Premium?How do I handle slow access to services protected by Anti-DDoS Pro or Anti-DDoS Premium?How do I handle the issue that session persistence cannot be implemented after I configure Anti-DDoS Pro or Anti-DDoS Premium?How do I handle the issue that I cannot ping the IP address of an Anti-DDoS Pro or Anti-DDoS Premium instance?How do I handle the issue that large files fail to be uploaded over HTTP and HTTPS after I add my service to Anti-DDoS Pro or Anti-DDoS Premium?Protection analysisHow do I identify the types of attacks against an Anti-DDoS Pro or Anti-DDoS Premium instance?How do I mitigate NTP-based DDoS attacks?What are the differences between website protection and non-website protection? HTTPS serviceThe certificate uploaded for HTTPS services does not match its private key. What do I do?How do I convert an HTTPS certificate file into the PEM format?How do I handle HTTPS access exceptions that occur if clients do not support SNI?How do I handle the mismatch between a certificate and its private key?