If your website is under a DDoS attack, Edge Security Acceleration (ESA) will continue to accelerate and protect your website, unlike some other proxy services that may disable acceleration in such cases. ESA provides built-in DDoS protection features for your website based on your plan.
Usage note
HTTP requests blocked by deep learning and protection are not subject to billing nor plan quota.
Protection capability level introduction
DDoS attacks include Layer 4 volumetric attacks and Layer 7 flood attacks. These attacks can overload your online business. Attackers use multiple computers to send a large number of requests to your servers or network resources. This can overload your servers or cause service interruptions. As a result, users cannot access your online business. ESA provides basic DDoS protection and best-effort DDoS protection against the threat.
Basic DDoS protection
If you are on the Entrance, Pro, or Premium plan, ESA provides basic DDoS protection on points of presence (POPs). Basic DDoS protection does not guarantee the number of attacks that can be blocked, and acceleration performance may be compromised if your website suffers volumetric DDoS attacks.
If your website is vulnerable to DDoS attacks, or you want to ensure the security of your website, contact us to upgrade to the Enterprise plan.
Best-effort DDoS protection
Best-effort DDoS protection of up to Tbit/s is available for purchase if you are on the Enterprise plan. If volumetric DDoS attacks occur, ESA points of presence (POPs) can mitigate DDoS attacks in real-time.
ESA security architecture on the POPs ensure that acceleration performance stays optimal by DDoS protection.
Enterprise plan also supports DDoS protection with TCP/UDP proxy. For more information, see TCP/UDP settings.
When DDoS attacks surpasses the limits of specific POPs, incoming requests are redirected to larger POPs.
HTTP DDoS attack protection
HTTP DDoS attack protection is available only in Enterprise plans.
What is HTTP DDoS attack protection
When HTTP flood attacks occur at Layer 7, the attack traffic is transmitted to the origin server and consumes resources. This affects normal user access to your websites. Based on the general protection rules that are accumulated on the attack and defense experience of Alibaba Cloud Anti-DDoS services, HTTP DDoS attack protection can reduce abrupt attack traffic that is transparently transmitted to your origin server. The default protection level is Normal. You can change the level to enhance protection or reduce false positives.
Procedure
Log on to the ESA console.
In the left-side navigation pane, click Websites.
On the Websites page, find the website that you want to manage, and click the website name or View Details in the Actions column.
In the left-side navigation tree, choose Security > DDoS.
On the Protection Settings tab, click Configure in the HTTP DDoS Attack Protection section.
HTTP DDoS Attack Protection: By default, the protection level is Normal. You can change the protection level to enhance protection or reduce false positives.
Click OK.
Deep learning and protection
Deep learning and protection is available only in Enterprise plans.
What is deep learning and protection
If an attack occurs, HTTP DDoS attack protection follows general protection rules to block attack requests to the origin. However, these general rules are not enough to continuously handle HTTP flood attacks that feature constantly changing patterns. In this case, deep learning and protection is a better choice. Deep learning and protection can continuously learn attack patterns and generate dynamic protection policies. This process may take several minutes. Deep learning and protection offers enhanced defensive performance, but may block some legitimate traffic. You can adjust the protection mode and level based on the actual condition.
Procedure
Log on to the ESA console.
In the left-side navigation pane, click Websites.
On the Websites page, find the website that you want to manage, and click the website name or View Details in the Actions column.
In the left-side navigation tree, choose Security > DDoS.
On the Protection Settings tab, click Configure in the Deep Learning and Protection section.
Deep Learning and Protection: By default, the protection level is Normal. We recommend that you change the protection level to Strict when your website suffers volumetric attacks. If false positives occur, you can change the level to Very Loose.
Click OK.
Feature availability
Feature | Entrance | Pro | Premium | Enterprise |
Basic DDoS protection | Yes | Yes | Yes | Yes |
Best-effort DDoS protection | No | No | No | Yes |