What Should I Do If the IP Protected By DDoS Anti -DDoS Is Blocked?
You have three self-service unlocking chances per day. If you exceed three times in a day, you won't be able to unlock. The system will reset the self-service unlocking count at midnight every day, and the unused unlocking chances won't be carried over to the next day.
If the Number Of Unblocking Times Is Used Up:
For users who have not purchased DDoS high defense, it is recommended to purchase Anti-DDoS Pro. The device can be unblocked upon first binding.
For users who have purchased DDoS high defense, it is recommended to upgrade the protection package to unblock in advance.
Why Is Blocking Carried Out?
Tencent Cloud reduces cloud costs by sharing infrastructure. All users share Tencent Cloud's public egress IP address. When a large-scale traffic attack occurs, it may not only affect the targeted object but also the entire Tencent Cloud network. To prevent the attack from affecting other unattacked users and ensure the stability of the entire cloud platform network, blocking is necessary.
How Long Will It Be Blocked?
The default blocking duration is 2 hours. The actual blocking duration is related to the blocking trigger count and the attack peak value, and can last up to 24 hours.
The blocking duration is mainly affected by the following factors:
Whether the attack is continuous: If the attack continues, the blocking time will be extended, and the blocking time will be recalculated from the moment of extension.
Whether the attack is frequent: Users who are frequently attacked have a higher probability of continuous attacks, and the blocking time will be automatically extended.
The size of attack traffic: Users who are attacked by extremely large traffic will have their blocking time automatically extended.
Note:
For users who are blocked too frequently, Tencent Cloud reserves the right to extend the blocking duration and lower the blocking threshold.
Why Can'T the Block Be Lifted Immediately?
Typically, a DDoS attack will last for a certain duration and will not stop immediately after being blocked. The specific duration is uncertain. Tencent Cloud's security team will set the default blocking duration based on the results of big data analysis.
Since blocking is effective in part of the ISP network, once the attacked public IP is blocked, Tencent Cloud cannot monitor whether the attack traffic has stopped. If the block is lifted while the attack has not ceased, the attacked public IP will be blocked again. Moreover, during the time from unblocking to the effectiveness of reblocking, the attack traffic will directly enter Tencent Cloud's basic network, which may affect other users within the cloud. Additionally, blocking is a service purchased by Tencent Cloud from the ISP, and there are limitations on the number of unblocking times and frequency.
Why Is There a Times Limit For Self -Service Unlocking? What Are the Limits?
Blocking is a service purchased by Tencent Cloud from the ISP, and the ISP has clear unblocking time and frequency limitations, so the blocking status cannot be manually lifted frequently.
Users of Anti-DDoS Pro (excluding the lightweight edition and inclusive edition) and Anti-DDoS Advanced will have three self-service unlocking opportunities per day. If the number exceeds three in a day, unlocking operations will not be available. The system will reset the self-service unlocking count at midnight every day, and the unused unlocking opportunities will not be carried over to the next day.
Users of the lightweight edition of Anti-DDoS Pro are provided with three self-service unlocking capabilities per month, which can only be used to unlock lightweight server resources.
Users of the 10Gbps specification of Anti-DDoS Pro (inclusive edition) are provided with three self-service unlocking capabilities per month. If the number exceeds three in a month, unlocking operations will not be available.
Can the Server IP Be Replaced If the IP Is Blocked?
Server IP replacement is not supported during blocking; it can only be done after unblocking.
When your server is blocked due to a DDoS attack, it is not recommended to immediately change the IP. Changing the server IP does not resolve the risk of your server being attacked by DDoS. Frequent IP changes can affect the detection and analysis of the backend protection system and also impact the stability of the cloud platform. Therefore, when your business encounters multiple DDoS attacks, it is recommended to use DDoS high-defense products to improve the protection capability of your business and resolve DDoS security risks.