Frequently Asked Questions
1. Is it possible to try out the Overseas High Defense Service? Are there any rules or restrictions?
Trial is not supported, only supports business deployed in UCloud Global Hong Kong, China, Taipei, China, Singapore, Tokyo, Seoul, Jakarta, Bangkok, Ho Chi Minh City, Frankfurt, Los Angeles, Washington, London data center. If the business is not in the above data center, you need to set up a proxy for forwarding.
2. How many layers of attack can the High Defense withstand overseas?
It can effectively defend against 3-4 layer attacks. The specific types supported are as follows:
| Protection Type | Description |
|---|---|
| Malformed Message Attacks | Supports the cleaning of TearDrop, IpLand, Smurf, Fraggle, etc., as well as the filtering of malformed IP/TCP/UDP packets |
| Flood Attack | Protects against Udp Flood, SYN Flood, Icmp Flood, ACK Flood, FIN Flood, RST Flood, and other flood attacks |
| Reflection Amplification Attack | Provides cleaning for Dns, Ntp, Ssdp, Memcached, Chargen,Cldap etc. reflection attacks |
3. If you buy a service and don’t get attacked, do you charge?
If you have purchased high defense services, whether you are connected or subject to attack, we will start billing from the purchase time.
4. There are several packages for High Defense service. How to choose?
The package of High Defense service is set according to the DDoS protection peak (Gbps), it is recommended to choose the package with a protection peak value greater than the historical attack traffic peak value.
5. What if the attack traffic peak value exceeds the protection peak value of the purchased High Defense service?
If the peak value of the attack traffic exceeds the peak value of the protection purchased, the corresponding high defense IP will also trigger the automatic blocking mechanism, which will generally unblock automatically after 30 minutes of blocking.
In order not to affect your business, you can upgrade the protection package at an additional cost to increase the protection peak value and improve the protection effect. After the upgrade takes effect, if the high-defense IP that is blocked has not been automatically unblocked, you can apply to us for early unblocking.
6. Can a domain name without a record be connected to High Defense?
There are no restrictions on the domain names that Overseas High Defense can connect to.
7. Will the use of high defense services affect the filing of the website?
No.
8. How long will it take for the website to take effect after connecting to high defense service?
The effective time for a website to connect to a high defense service depends on the effective time of DNS parsing. In the case of all configurations being correct, it usually takes effect within 10-60 minutes.
9. Can websites that are not port 80 connect to high defense services?
Yes. In addition to the commonly used ports 80 and 443, High Defense service also supports some custom ports. General High Defense does not need to configure ports by default, and can support them. If you have any problems, you can contact us.
10. Can non-HTTP protocol services be connected to high-defense services?
Overseas High Defense not only supports HTTP/HTTPS businesses, but also supports other TCP/UDP protocol businesses.
11. Will the introduction of Overseas High Defense conflict with other software protections or hardware protections?
Overseas High Defense attracts traffic to the high defense data center for cleaning via BGP routing announcement, and then routes the cleaned traffic back to the cloud data center via a dedicated line without affecting software protections or hardware protections deployed on the server side.
12. How does Overseas High Defense obtain the user’s real IP address?
Overseas High Defense is protected by routing traction, and IP can be directly bound to the cloud host. The connection information seen on the cloud host is all real user connection information.
14. Can FTP/SSH/3389 remote desktop and other services be used after using the High Defense Service?
You can directly use the high defense IP to connect to FTP, SSH and 3389 remote desktop.
15. Why is it recommended to change the source station IP after using the High Defense Service?
Because before connecting to the High Defense, your source station IP may have been exposed, attackers can directly attack this IP, and the attack traffic will directly reach the source station.
Therefore, it is recommended to change the source site IP after using the high defense service, so that the new source site IP is hidden and protected by the high defense service.
16. Can I temporarily turn off protection?
Closing protection is not supported on the Multi Regional High Defense page, but you can manually cut the business out of the multi regional high defense to disable the defense.
17. How do I cut out the High Defense service?
The ways to cut out vary for different businesses. For example, you can resolve the domain name back to the ordinary EIP for the site business. For other businesses, you just need to make sure you are not using the high defense IP to access the business.