A cloud-based security service that protects your data and application from DDoS and Trojan attacks


Alibaba Cloud Anti-DDoS is a cloud-based security service that integrates with Alibaba Cloud ECS instances to safeguard your data and applications from DDoS attacks, and provides increased visibility and control over your security measures.

As an Alibaba Cloud global service, Anti-DDoS enables you to meet stringent security requirements for your cloud hosting architecture without any investment. This service is available to all Alibaba Cloud users free of charge.

Product Details

Alibaba Cloud Anti-DDoS prevents and mitigates DDoS attacks by routing traffic away from your infrastructure, thereby ensuring availability and performance of your properties on AliCloud.

Anti-DDoS adds a layer of security and provides a protected cloud. Anti-DDoS also automatically detects and prevents various types of attacks including those at the application level and volumetric attacks.


Increased Data Protection

  • Protects your application and infrastructure from DDoS attacks.

Easy to Deploy

  • Easy to deploy and maintain without expensive equipment and complex configuration.

Increased Visibility

  • Provides real-time visibility of latest threats.

Multi-Layered Defense System

  • Provides DDoS protected cloud hosting by implementing security on network layer, host layer and data link layer.



  • Quickly detects attacks , launching defense in real time , protecting your data and applications from DDoS attack.

Open and Free

  • Provides a protected cloud with free comprehensive security protection for all Alibaba Cloud deployments.

Simple to Use

  • Simple and easy-to-use through Alibaba Cloud Management Console.
  • No alterations required for CNAMEs or name servers which saves overhead costs.


Distributed Denial of Service (DDoS)

  • Defends Distributed Denial of Service (DDoS) attacks such as SYNflood , UDPflood , ICMPflood etc.
  • Provides real-time information to users on current site attacks.


  • Automatic notification to users with text messages or email about attacks (optional).
  • Easy-to-use console allows you to view information on intrusion time, targeted ECS and other related information.
  • Provides real-time alerts for DDoS attacks.

Product Support

Service name Applicable products Applicable systems Detection methods Default to be open
Anti-DDoS service ECS, SLB ESE Real-time Yes

Processing Power

Built using Intel® Xeon ® processor E5-2600 v3 processor family, Alibaba Cloud Anti-DDoS delivers record-breaking performance that gives you the power and capacity to fuel your best business ideas and handle data-demanding and transaction-intensive applications.

Anti-DDoS Pro

Anti-DDoS Service Pro is a value-added service provided by Alibaba Cloud to protect your online business from being attacked by malicious DDoS traffic


Alibaba Cloud protects its customers against more than 1,000 DDoS attacks each day, and Anti-DDoS Pro ranks as the top value added security product in this category. Anti-DDos Pro defeats high-level DDoS and other attacks through its powerful mitigation capabilities. The product also ensures the elimination of single-point-of-failure from real-time DDoS attacks, HTTP flood attacks, empty connection attacks, slow connection attacks and other web application attacks.

You can set up the entire service within minutes without needing to configure complex network appliances. This product is recommended for high traffic websites and especially those integrating online payments and storing the personal details of users. Blogs and small websites, with less downside risk to being attacked and losing service, will typically not require subscription to the Pro version of this product.

Product Details

Alibaba Cloud Anti-DDoS Service Pro is a value added protection service to provide complete protection to your online business from all kinds of malicious DDoS attacks. This service enables mitigation of all kinds of attacks and ensure high availability even under high volume of DDoS traffic.

Using Anti-DDoS Service Pro, all the incoming traffic is diverted to Alibaba Cloud Anti-DDoS scrubbing centers by either updating DNS resolution settings (web) or replacing the original website IP with the anti-DDoS IP provided by Alibaba Cloud. This way, all the traffic will pass through the Anti-DDoS service at the outset, which identifies and mitigates the malicious traffic and forwards only the clean traffic to the original server. This ensures comprehensive DDoS protection for your complete infrastructure.

You can set up the whole service within minutes without configuring complex network appliances.


Mitigation of high-volume DDoS attack

  • BGP network with fast access experience, associated with distributed scrubbing centers all over the world.
  • The Anti-DDoS cluster provides a mitigation capacity of more than 2000Gbps, as well as fast access to backbone network.
  • Less than 50ms delay to original servers in Alibaba Cloud data centers in Mainland China.

Supports all Protocols and Formats

  • Supports TCP/UDP/HTTP/HTTPS protocols.
  • Suitable for all kinds of businesses including finance, e-commerce, gaming, and enterprise.
  • Ensures protection of application from Layer 4 and Layer 7 attacks.
  • Protects servers on both Alibaba Cloud services as well as other cloud service providers including AWS, Azure and RackSpace.

Fully-encrypted Linking with HTTPS

  • Supports Layer 7 HTTPS flood protection.
  • Ensures full encryption with HTTPS including backlink to origin server.
  • Protects privacy of SSL private keys.

Protection Algorithms

  • Defends against empty connection attack, slow connection attack and other malicious attacks.
  • Leverages various mechanisms such as IP reputation database, IP+Cookie, IP+Key to mitigate HTTP floods.
  • Maintains a global database of zombie network to trace all the attacks with the help of Alibaba Cloud Shield.


Mitigation of high-volume DDoS Attacks

  • Ensures mitigation of all kinds of DDoS attacks such as SYN flood, ACK flood, ICMP flood, UDP flood, NTP flood, SSDP flood, DNS flood, HTTP flood.
  • Offers mitigation capacity of 2000 Gbps.
  • Provides fast access to backbone server.

Application Layer Protection

  • Provides real-time mitigation for Layer 7 DDoS attacks which target application directly.
  • Offers advanced security features such as multi-faced verification, identity recognition and verification code, in order to filter malicious requests from legal requests.
  • Appropriate for HTTP(S) floods targeting websites or layer 7 applications like online gaming web-applications.
  • Ensures security even in the times of heavy traffic, such as during shopping festivals, product launch events.

High Availability

  • Guarantees 99.99% service availability.
  • Ensures high availability through global scrubbing centers.

Automatic Mitigation Capabilities

  • Provides real-time mitigation by automatically detecting malicious traffic without requiring any manual intervention in the process.
  • Lets you modify protection policies as per your business requirements.

Mitigation of Protocol Attacks

  • Ensures mitigation of protocol attacks such as Smurf attacks, ping of death, SYN floods, etc.

24/7 Security Support

  • Augments protection through 24*7 support from security experts.

Compatible with other cloud services

  • Inhibits capability of integration and providing security to servers on other cloud services besides Alibaba Cloud.

Advanced Protection Algorithms

  • Includes high-level mechanisms such as maintenance of IP reputation database, and IP+Cookie/IP+Key mechanism to mitigate HTTP floods.
  • Defends against different attacks which can slow down the speed of websites such as connection attack, slow connection attack and malicious attack to provide seamless experience on websites and applications.

Mobile Security

Alibaba Cloud Mobile Security Service is an online mobile application security service that protects applications from potential risks, threats and vulnerabilities


Mobile Security Service addresses the security concerns of enterprise customers through advanced risk detection techniques and provides protection from malware for mobile devices. This service acts as a one-stop solution for risk management by ensuring end-to-end protection for the entire mobile application lifecycle, spanning from design, development, testing and release.

Product Details

Alibaba Cloud Mobile Security Service ensures the security of an android mobile application through its entire lifecycle. It employs extensive vulnerability scans on android mobile applications to identify illegal practices. The service does not modify the code or application files but applies a security layer to prevent the vulnerabilities from being exploited. It prevents the application from getting exposed either due to poorly written code, insecure API implementations, or any other shortcomings. It applies various application hardening methodologies to ensure the security of the mobile applications. It is recommended that the application should be integrated with the service right from the development phase to maximize the benefits of this service.


Robust Scanning

  • Guarantees up to 99.9% availability.
  • Distributes traffic automatically across instances in different availability zones.
  • Quickly detects unhealthy instances and routes traffic to only healthy instances.

Comprehensive Security Protection

  • Applies comprehensive security protection technology to various applications.
  • Provides high stability and compatibility.
  • Ensures minimal impact on mobile applications.

Easy to Access

  • Allows you to quickly access and integrate the security service into your system through a SaaS-based model.
  • Facilitates easy automation of services and functionalities provided by mobile applications.

End-to-End Risk Management

  • Offers risk analysis and hardening techniques for the complete lifecycle of a mobile application from the initial development stage up to the release stage.
  • Provides incremental hardening from the development stage until the point of release.

Mobile Security Service Team

  • Provides 24*7 support services through a number of industry leading white hat hackers.
  • Offers expertise from distinguished speakers of Black Hat and RSA Conference.


Quick Application Vulnerability Detection

Static Vulnerability Detection:

  • Scans and locates vulnerabilities statically and performs taint analysis to retrieve variable values accurately.
  • Analyses and tracks vulnerabilities at the granularity of the register.

Dynamic Vulnerability Detection:

  • Scans and locates vulnerabilities dynamically and performs Fuzz testing to restore the real Android environment and obtain accurate results.

Application Vulnerabilities Resolution

  • Provides a complete remedial solution for your mobile application based on the scan results.

Advanced Security with Application Hardening

  • Applies various methods like re-encoding, shelling, and modifying the command calling sequence to enhance anti-cracking capability of your application.
  • Employs techniques that focuses on application hardening intensity, while maintaining the compatibility of your application.

Core Application Hardening Techniques

Mainstream static analysis tool prevention -

Effectively prevents hackers from using static analysis tools such as APKTool, dex2jar, and JEB to analyze applications' Java-layer code.

SO shelling -

  • Shells the SO file to effectively prevent malicious users from using tools such as IDA and readelf to analyze SO file logic.

DEX shelling -

  • Shells the DEX file by using loading and remedial techniques during dynamic running.
  • Effectively prevents hackers from dumping the Java-layer code memory.

Constant encryption -

  • Encrypts plaintext constant strings in the DEX file.
  • Uses the dynamic decryption feature to decrypt strings during runtime, greatly increasing the difficulty in reverse analysis.

Java command translation -

  • Modifies the calling relationship link of the service logic at the Java layer.
  • Ensures protection of the Java-layer code from hackers, by not giving access to the entire service logic.

Java execution simulation -

  • Detaches commands from the DEX file and simulates execution in a user-defined execution environment.
  • Effectively prevents malicious users from getting a dump of Java-layer code using commands.

Web Application Firewall

A cloud firewall service utilizing big data capabilities to protect against web-based attacks


Web Application Firewall (WAF) is a web application security service. Based on powerful "big data" cloud capabilities and underlying security, WAF provides protection against web-based attacks, including SQL injections, XSS, Malicious BOT, command execution vulnerabilities, and other common web attacks. WAF filters out large numbers of malicious access attempts and alleviates the performance impact of HTTP/HTTPS flood attacks on servers.

WAF is a cloud firewall service that protects core website data and safeguards the security and availability of your website/s.

Product Details

Alibaba Cloud Web Application Firewall (WAF) is a SaaS-based web application security service and which detects illegal web requests through its built-in security strategy. As a cloud firewall service WAF changes your website's DNS records, so that all requests through WAF are detected in order to direct safe traffic to the site server and prohibit attacks from reaching the server.


Stability and Speed

  • Easy Deployment: No need to install additional software or to deploy extra hardware. You can access the product and secure your website within minutes
  • Shorter Response Time: Extremely short response time (milliseconds) for user requests
  • Improved Monitoring and Service Systems: Offers 24/7 network-wide smart monitoring and scheduling based on service quality

Defense Capabilities

  • Centrally Defined Protection Rules: Nearly 1,000 protection rules, updated each day across all web applications by a dedicated defense team in order to protect from false positive rates
  • Patch Synchronization: Offers 0-day web vulnerability patches synchronized globally within 24 hours
  • Superior Defense: Comprehensive website security protection through precise access controls to provide powerful defense against web/flood attacks

Big Data Security Analysis

  • Security Protection: Protects thousands of data sensitive websites against millions of web attacks
  • Global Synchronization: Collaborative defense captures new threats and globally synchronizes protection rules
  • Big Data Learning Models: WAF utilizes a big data learning model to reduce the rate of false positives


  • Real-time Metrics of Web Requests: Monitors requests that match your filter criteria and provides real-time metrics for improved visibility of your web traffic, which you can create using new rules and alerts

Cost-effective Pricing

  • Monthly Package: Offers monthly subscription with different package versions and feature specifications that you can select depending on your requirements


Immunity Against Common Web Attacks

  • Protection Rule Policies: Provides high, medium and low-protection rules/policies against common web attacks listed in OWASP;
  • Meets needs of different website services regarding common GET and POST HTTP requests;
  • Defends against SQL injection, XSS, Webshell uploads, command injection, illegal HTTP protocol requests, attacks on common
  • web server vulnerabilities, unauthorized access to core files, and path traversal;
  • Provides backdoor isolation protection, defense scans, and other security protection.
  • Website Stealth: Safeguards website address from being exposed to attackers, so that attacks cannot bypass the WAF and attack your website directly.
  • Regular 0-day Patch Updates: Synchronizes protection rules with Taobao (online shopping platform) and quickly provides patches latest vulnerabilities.
  • These patches are immediately synchronized globally to defend all protected websites.

HTTP / HTTPS Flood / DDoS Attack Mitigation

  • Precise Access Control: Handles DDoS attacks by controlling frequent access from a single or range of source IP, provides redirect
  • jump verification, and determines whether access requests are tasked by a human operator or a machine. Uses a combination of precise access control filters to control requests with abnormal Referer and User-Agent fields to protect against massive slow request attacks and identify abnormal response codes, IP access, and URL distributions.
  • Multi-layer Protection: Integrated security modules protect from common web/CC attacks. WAF creates a comprehensive,
  • multi-layer protection mechanism to accurately distinguish between trusted and malicious traffic based on actual needs.

WAF Modes

  • Friendly Observation Mode: Option to enable observation mode for new website services. In this mode, WAF issues warnings for possible attacks that match the protection rules, but does not block them. This lets you collect statistics on the false positive rate of your service.
  • Prevention Mode: Actively blocks intrusions and attacks detected by its set rules. Attackers' requests are denied and their connection is terminated. This mode continues to log such attacks in the WAF logs file.

Big Data Security

  • Fully utilizes Alibaba Cloud's advantages in big data security, threat intelligence library, and trusted access analysis models to identify malicious traffic.