Security class

EIP

  • API Reference
    • API function release records
    • API Service Domain Name
    • API Specifications
    • Appendix 1
    • Bandwidth Package Related Interfaces
      • Adjust the bandwidth of the bandwidth package
      • Create bandwidth package
      • Query bandwidth package details
      • Query bandwidth package list information of users
      • Release bandwidth package
      • Update the automatic release time of the bandwidth package
      • Update the name of the bandwidth package
    • DDoS Basic Protection Related Interfaces
      • Modify DDoS basic protection threshold
      • Query DDoS Basic Protection Attack Records
      • Query DDoS basic protection list
    • EIP Related Interfaces
      • Apply for EIP
      • Bind EIP
      • Disable EIP direct
      • EIP bandwidth scaling
      • EIP renewal has been enabled
      • Enable EIP direct
      • Query EIP list in bucket trash
      • Query EIP list
      • Release EIP
      • Release EIPs in the bucket trash
      • Renew EIP
      • Restore EIPs in the bucket trash
      • Selective release of EIP
      • Unbind EIP
      • Unsubscribe prepaid EIP
      • Update EIP Release Protection Switch
    • Error code
    • General Description
    • Inquiry Related
      • Bandwidth package price inquiry
      • EIP Inquiry
      • EIPGROUP Inquiry
      • Shared Traffic Package Inquiry
    • Interface Overview
    • Overview
    • Prerequisites for use
    • Shared Bandwidth Related Interfaces
      • Bandwidth scaling up for EIPGROUP
      • Create EIPGROUP
      • EIPGROUP IP count upgrade
      • EIPGROUP release
      • EIPGROUP renewal
      • EIPGROUP update
      • Migrate EIP from EIPGROUP
      • Migrate EIP into EIPGROUP
      • Query EIPGROUP details
      • Query the EIPGROUP list
      • Unsubscribe prepaid EIPGROUP
    • Shared Traffic Package Related Interfaces
      • Create a shared traffic package
      • Query shared traffic package details
      • Query shared traffic package list
    • TBSP Related Interfaces
      • Add Protection IP Allow List
      • Add Protocol Blocking
      • Add Region Blocking
      • Bind Protection Object
      • Close Protection IP Cleaning
      • Create TBSP
      • Delete Protection IP Allow List
      • Delete Protection Object
      • Delete Protocol Blocking
      • Delete Region Blocking
      • Modify Protection IP Cleaning Threshold
      • Modify Protection IP Protection Level
      • Open Protection IP Cleaning
      • Query Protection IP Allow List
      • Query Protection IP Cleaning Threshold List
      • Query Protocol Blocking List
      • Query Region Blocking List
      • Query TBSP Details
      • Query TBSP List
      • TBSP Capacity dilatation
      • TBSP renew
  • FAQs
    • Billing class
    • Configuration
    • Consultation
    • Security class
  • Function Release Records
  • Operation guide
    • Address pool
    • Bandwidth package
      • Bandwidth scale-up package
      • Cross-border acceleration package
    • Certification
    • DDoS standard protection
    • EIP Instance
      • Create instance
      • EIP Direct Connect
      • IPv6 Termination
      • Manage Alarms
      • Operation Instance
      • Shift Charge
      • View monitoring
    • EIP Self-Service Diagnostics
      • EIP Instance Diagnosis
    • EIPGROUP
      • Bind cloud resources
      • Manage Shared Bandwidth
      • Purchase Shared Bandwidth
      • View monitoring
    • High Defense EIP
    • Identity and access management
    • Recycle bin
    • Shared traffic package
      • Purchase Shared Traffic Package
      • View Shared Traffic Package
    • Tag Management
    • Traffic Burst Service Package
      • Instance management
      • Monitor alarm
      • Protection Configuration
    • Unblocking Center
  • Product Description
    • Application scenarios
    • Product advantages
    • Product Introduction
    • Usage restrictions
  • Product pricing
    • Bandwidth Package Billing
    • EIP Instance Billing
    • EIPGROUP Billing
    • Shared Traffic Package Billing
    • TBSP Billing
  • SDK
    • GO-SDK
      • DDoS Instance
      • EIP Instance
      • EipBp Instance
      • EIPGROUP Instance
      • EipTp Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
    • Java-SDK
      • EIP Instance
      • EipBP Instance
      • EIPGROUP Instance
      • EipTp Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
    • PHP-SDK
      • EIP Instance
      • EipBP Instance
      • EIPGROUP Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
    • Python-SDK
      • EIP Instance
      • EipBP Instance
      • EIPGROUP Instance
      • EipTp Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
  • Service Level Agreement (SLA)
    • EIP Service Level Agreement SLA
    • TBSP Service Level Agreement SLA
  • Typical Practices
    • Bring Your Own Overseas Public IP Address to the Cloud
    • IPv6 Public Network Access
    • Save Public Network Costs
    • TCP Port 25 Restriction Description
All documents
menu
No results found, please re-enter

EIP

  • API Reference
    • API function release records
    • API Service Domain Name
    • API Specifications
    • Appendix 1
    • Bandwidth Package Related Interfaces
      • Adjust the bandwidth of the bandwidth package
      • Create bandwidth package
      • Query bandwidth package details
      • Query bandwidth package list information of users
      • Release bandwidth package
      • Update the automatic release time of the bandwidth package
      • Update the name of the bandwidth package
    • DDoS Basic Protection Related Interfaces
      • Modify DDoS basic protection threshold
      • Query DDoS Basic Protection Attack Records
      • Query DDoS basic protection list
    • EIP Related Interfaces
      • Apply for EIP
      • Bind EIP
      • Disable EIP direct
      • EIP bandwidth scaling
      • EIP renewal has been enabled
      • Enable EIP direct
      • Query EIP list in bucket trash
      • Query EIP list
      • Release EIP
      • Release EIPs in the bucket trash
      • Renew EIP
      • Restore EIPs in the bucket trash
      • Selective release of EIP
      • Unbind EIP
      • Unsubscribe prepaid EIP
      • Update EIP Release Protection Switch
    • Error code
    • General Description
    • Inquiry Related
      • Bandwidth package price inquiry
      • EIP Inquiry
      • EIPGROUP Inquiry
      • Shared Traffic Package Inquiry
    • Interface Overview
    • Overview
    • Prerequisites for use
    • Shared Bandwidth Related Interfaces
      • Bandwidth scaling up for EIPGROUP
      • Create EIPGROUP
      • EIPGROUP IP count upgrade
      • EIPGROUP release
      • EIPGROUP renewal
      • EIPGROUP update
      • Migrate EIP from EIPGROUP
      • Migrate EIP into EIPGROUP
      • Query EIPGROUP details
      • Query the EIPGROUP list
      • Unsubscribe prepaid EIPGROUP
    • Shared Traffic Package Related Interfaces
      • Create a shared traffic package
      • Query shared traffic package details
      • Query shared traffic package list
    • TBSP Related Interfaces
      • Add Protection IP Allow List
      • Add Protocol Blocking
      • Add Region Blocking
      • Bind Protection Object
      • Close Protection IP Cleaning
      • Create TBSP
      • Delete Protection IP Allow List
      • Delete Protection Object
      • Delete Protocol Blocking
      • Delete Region Blocking
      • Modify Protection IP Cleaning Threshold
      • Modify Protection IP Protection Level
      • Open Protection IP Cleaning
      • Query Protection IP Allow List
      • Query Protection IP Cleaning Threshold List
      • Query Protocol Blocking List
      • Query Region Blocking List
      • Query TBSP Details
      • Query TBSP List
      • TBSP Capacity dilatation
      • TBSP renew
  • FAQs
    • Billing class
    • Configuration
    • Consultation
    • Security class
  • Function Release Records
  • Operation guide
    • Address pool
    • Bandwidth package
      • Bandwidth scale-up package
      • Cross-border acceleration package
    • Certification
    • DDoS standard protection
    • EIP Instance
      • Create instance
      • EIP Direct Connect
      • IPv6 Termination
      • Manage Alarms
      • Operation Instance
      • Shift Charge
      • View monitoring
    • EIP Self-Service Diagnostics
      • EIP Instance Diagnosis
    • EIPGROUP
      • Bind cloud resources
      • Manage Shared Bandwidth
      • Purchase Shared Bandwidth
      • View monitoring
    • High Defense EIP
    • Identity and access management
    • Recycle bin
    • Shared traffic package
      • Purchase Shared Traffic Package
      • View Shared Traffic Package
    • Tag Management
    • Traffic Burst Service Package
      • Instance management
      • Monitor alarm
      • Protection Configuration
    • Unblocking Center
  • Product Description
    • Application scenarios
    • Product advantages
    • Product Introduction
    • Usage restrictions
  • Product pricing
    • Bandwidth Package Billing
    • EIP Instance Billing
    • EIPGROUP Billing
    • Shared Traffic Package Billing
    • TBSP Billing
  • SDK
    • GO-SDK
      • DDoS Instance
      • EIP Instance
      • EipBp Instance
      • EIPGROUP Instance
      • EipTp Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
    • Java-SDK
      • EIP Instance
      • EipBP Instance
      • EIPGROUP Instance
      • EipTp Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
    • PHP-SDK
      • EIP Instance
      • EipBP Instance
      • EIPGROUP Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
    • Python-SDK
      • EIP Instance
      • EipBP Instance
      • EIPGROUP Instance
      • EipTp Instance
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
  • Service Level Agreement (SLA)
    • EIP Service Level Agreement SLA
    • TBSP Service Level Agreement SLA
  • Typical Practices
    • Bring Your Own Overseas Public IP Address to the Cloud
    • IPv6 Public Network Access
    • Save Public Network Costs
    • TCP Port 25 Restriction Description
  • Document center
  • arrow
  • EIP
  • arrow
  • FAQs
  • arrow
  • Security class
Table of contents on this page
  • How to view detailed information about attack protection?
  • How to scale up the capacity of a TBSP?
  • Is DDoS basic protection free of charge?
  • What types of protection are available?
  • What should I do if the basic protection threshold is too low to satisfy demands?
  • Why are blocking policies necessary? Why can't Baidu AI Cloud provide unlimited free DDoS protection for users?
  • What should I do if my EIP is blocked?

Security class

Updated at:2025-10-16

How to view detailed information about attack protection?

After adding the protected public IPs to a TBSP instance, monitor the total ingress bandwidth, back-to-origin bandwidth, attack bandwidth, total ingress packet rate, back-to-origin packet rate, attack packet rate, and DDoS attack logs on the monitoring and attack records pages.

To view the monitor information of a protected IP, follow the detailed steps as follows:

  1. Log in to the Management Console and navigate to Product Services - Networking - EIP.
  2. Navigate to TBSP in the left-hand menu to view the TBSP list.
  3. Click the instance name to open the Instance Details page.
  4. Click Monitor in the left navigation menu to reach the Monitor page and review monitoring information for the protected IP.

Users can also manage TBSP alarm strategies. On the Monitor page, click Alarm Details to access the Alarm Configuration page. For detailed steps, refer to BCM Alarm Management.

How to scale up the capacity of a TBSP?

The steps to scale up the capacity of a TBSP are as follows:

  1. Log in to the Management Console and navigate to Product Services - Networking - EIP.
  2. In the left navigation bar, select TBSP to access the TBSP list.
  3. Click Capacity Scaling Up on an existing instance to open the Configuration Change page.

  4. Select the desired IP capacity for the service package. The scale-up configuration will take effect immediately upon payment completion.

    Note: TBSP capacity supports only scaling up, not scaling down.

Is DDoS basic protection free of charge?

Baidu AI Cloud provides EIP with free basic DDoS protection of up to 5Gbps. For higher levels of protection, users can choose TBSP according to their needs to respond quickly to attacks.

What types of protection are available?

Protection against the following network-layer attacks:

  • SYN flood attacks;
  • ACK flood attacks;
  • FIN/RST flood attacks;
  • UDP flood attacks;
  • ICMP flood;
  • TCP connection exhaustion attacks, etc.; Application-layer attacks:
  • Effectively mitigate HTTP GET/POST flood attacks;
  • CC attacks;
  • HTTP slow header/post attacks, among others.

What should I do if the basic protection threshold is too low to satisfy demands?

Purchase the TBSP service for hundreds of Gbps-level defense capabilities without changing the existing IP. For Tbps-level DDoS protection thresholds, users can choose the advanced DDoS protection service and redirect traffic to the advanced protection IP.

Why are blocking policies necessary? Why can't Baidu AI Cloud provide unlimited free DDoS protection for users?

Baidu AI Cloud lowers user cloud costs by sharing infrastructure, where all users utilize the public network egress of Baidu AI Cloud. However, during large-scale DDoS attacks, not only the targeted object but also the entire Baidu AI Cloud network could be impacted. To prevent DDoS attacks from affecting other uninvolved users and to ensure the overall stability of the cloud platform network, blocking becomes necessary.

DDoS protection entails significant costs, primarily stemming from bandwidth expenses. The bandwidth is procured by Baidu AI Cloud from telecom providers like China Telecom, China Unicom, and China Mobile. When calculating bandwidth fees, these operators do not exclude DDoS attack traffic, instead charging Baidu AI Cloud for the total bandwidth consumed. Baidu AI Cloud offers basic DDoS protection to defend cloud platform users against attacks free of charge while managing costs. However, if attack traffic exceeds the threshold, Baidu AI Cloud will block traffic from the attacked IP to avoid additional fees.

If an IP is blocked because attack traffic surpasses the threshold, users can purchase the TBSP service to raise the DDoS protection threshold to the 100Gbps level without needing to change their existing IP. For Tbps-level DDoS protection thresholds, users can opt for the DDoS advanced defense service. After binding the protection IP, users should submit a ticket requesting staff to unblock the attacked EIP. Services can then be accessed via the protection address, while the EIP will require 24 hours to exit the blackhole state.

What should I do if my EIP is blocked?

Blocking may occur due to various reasons, such as an EIP being subjected to DDoS attacks, security vulnerabilities in the associated cloud host, or non-compliant activities on the instance.

If DDoS attacks exceed the capacity of Baidu AI Cloud's Cleaning Center, Baidu AI Cloud reserves the right to throttle traffic to maintain public network stability. Instances protected by the affected IP may experience bandwidth limitations or even outright blocking. Blocked IPs can be manually released via the release center or will automatically be unblocked by the system after 24 hours.

Previous
Consultation
Next
Function Release Records