Edge Security Acceleration:Configure blacklist by region

Enable the blacklist

1. Log on to the DCDN console.

2. In the left navigation pane, click Domain Names.

3. On the Domain Names page, find the domain name that you want to manage and click Configure in the Actions column.

4. In the navigation pane on the left of the domain name, click Security Settings.

5. On the Region Blacklist tab, click Modify.

6. In the Blocking Settings dialog box, select Rule Condition, Blocking Type, Rule Condition, and Regions.

   

   Parameter	Description
   Rule Condition	Rule conditions identify various parameters in a user request to determine whether a configuration applies to the request. Do not use: Do not use rule conditions. To add or edit rule conditions, manage them in the Rules Engine.
   Blocking Type	Blacklist Requests from regions in the blacklist cannot access any resources for the accelerated domain name. Whitelist Only requests from regions in the whitelist can access resources for the accelerated domain name. Requests from all other regions are blocked. The blacklist and whitelist are mutually exclusive. Only one can be active at a time.
   Regions	Specify the regions for the blacklist or whitelist.

7. Click OK.

Canceling a region blacklist

To delete a location blacklist, click Clear. After the location is deleted, DCDN will no longer block requests from the specified regions.

Configuration example

Block requests from Andorra that use the HTTP protocol to access the /image path.

1. In the rules engine, configure a rule to match requests for resources in the /image path that use the HTTP protocol.

   

2. On the region-based blocking tab, configure a blocking rule to block requests from Andorra that match the condition.

   • Rule Condition: Select the rule that you created in Step 1.

   • Blocking Type: Select Blacklist.

   • Region Settings: Select Andorra.

   

3. Result: If a request matches the rule, a 403 Forbidden error is returned with the message denied by region block.