Auto generated lists

Some services will automatically create network ACLs, these lists will have specific functions which we will explain below.

Auto AntiDDoS list

The AntiDDoS system will generate a list of suspicious IPs and add them to a Network ACL named "ddos_identified_ips".

This list serves an informational purpose only and does not take any further action against the IPs. You can utilize this list as needed.

Block this IP button

In the Analytics section, you will find a button "Block this IP" under the "IP address table".

The blocked IPs will be added to a Network ACL named "auto_blacklist". Also a deny VCL configuration will be created for the IPs in this list.

IPs on this list will be unconditionally blocked unless a TTL is set when blocking the IPs.

Auto Block IPs anomaly reaction

The "Block IP" reaction in Anomaly Detection service, automatically blocks an IP if its requests per second exceed the predefined threshold. These IPs are then added to the "auto_blacklist" ACL.

By default, blocked IPs have a TTL of 1 hour, though this can be adjusted when setting the threshold.

Captcha reaction

The "Captcha" reaction in Anomaly Detection service, automatically adds an IP to the "auto_captcha" ACL if its requests per second exceed the predefined threshold. These IPs are then required to solve a Captcha puzzle for each request.

By default, Captcha have a TTL of 1 hour, though this can be adjusted when setting the threshold.

JS Challenge reaction

The "JS Challenge" reaction in Anomaly Detection service, automatically adds an IP to the "auto_jschallenge" ACL if its requests per second exceed the predefined threshold. These IPs are then required to pass a JS Challenge for each request.

By default, JS Challenge have a TTL of 1 hour, though this can be adjusted when setting the threshold.