Anti-DDoS is a traffic cleaning service that protects resources (such as ECSs and ELB instances) from network- and application-layer DDoS attacks.It notifies users of detected attacks instantly, improves bandwidth utilization effectively, and ensures the stable and reliable running of services.

Anti-DDoS is free of charge
FREE for DDoS Attack Mitigation Within 500 Mbit/s


Anti-DDoS is built around professional devices and extensive defense experience. Certified by NSS Labs, it ensures zero mis-cleaning of normal traffic.


A blacklist database with millions of IP addresses, a 7-layer cleaning mechanism, and a smart baseline learning module work together to guarantee accurate and effective cleaning.


Anti-DDoS uses advanced technology to check each packet and responds to any attack in seconds. The powerful cleaning device helps ensure near-zero service delay.


Anti-DDoS is free of charge and instantly available upon application. Professional templates of defense and self-learning capability of protection thresholds are provided.

Application Scenarios

  • Websites

  • Games



Websites are prone to DDoS attacks, such as heavy-traffic attacks and CC attacks, which cause them to crash. Anti-DDoS can defend against attacks at layers 4 to 7 to improve website access.


  • Defends against 100+ types of transmission- and application-layer attacks to ensure website stability.

  • Defends against reflection and amplification attacks to ensure link reliability.

  • Free of charge, up to 500Mbit/s.

Recommended for Use With




Games are another major target of DDoS attacks. Anti-DDoS defends against attacks such as empty connection, slow connection, CC attacks, forced-logout cheating plug-ins, and attacks targeting gateways and servers.


  • Uses proprietary V-ISA reputation technology to ensure the priority of game services.

  • Automates packet detection and policy matching to ensure second-level response.

  • Free of charge, up to 500 Mbit/s.

Recommended for Use With


Function Description

Filtering Malformed and Probe Packets

Filters malformed packets and defends against scanning and probing attacks based on standards of RFC.

  • Malformed Packets

    LAND, Fraggle, Smurf, Winnuke, Ping of Death, Tear Drop, and TCP Error Flag

  • Probe Packets

    Port scanning, address scanning, TRACERT control packet attacks, IP source route option attacks, IP timestamp option attacks, and IP record route option attacks

Defending Against Network Transmission—based Attacks

Effectively defends against attacks such as SYN, SYN-ACK, FIN, RST, UDP, ICMP Flood, and TCP connection exhaustion.

  • TCP/UDP/ICMP Flood Attacks

    SYN/SYN-ACK/ACK Flood, FIN Flood, RST Flood, TCP/UDP Fragment Flood, UDP Flood, and ICMP Flood attacks

  • TCP Connection Exhaustion Attacks

    In these attacks, attackers use zombie hosts to establish a large number of TCP connections with the target server to exhaust the server.

Preventing Application-Layer Threats

Effectively prevents attacks such as HTTP Get, Post Flood, CC, HTTP Slow Header/Post, and HTTPS Flood.

  • Web Application Attacks

    HTTP Get/Post Flood, CC, HTTP Slow Header/Post, SSL DoS/DDoS, RUDY, LOIC, and WordPress attacks

  • DNS/SIP Attacks

    DNS Query Flood, DNS Reply Flood, DNS cache poisoning, and SIP Flood/SIP Methods Flood attacks such as Register Flood, Deregistration Flood, Authentication Flood, and Call Flood

Displaying Attack Trends and Traffic Reports

Uses a user-friendly platform to show real-time service traffic and attack trends.

  • IP Address—specific Monitoring

    Current defense status, parameters, service traffic over the last 24 hours, and abnormalities (attacks and cleanings) over the last 24 hours

  • Overall Defense Report

    An overall defense report is provided, containing information such as number of cleaning times, cleaning peak, and Top 10 most frequently attacked servers and their numbers of intercepted attacks.

Register Now