Follow

How to Denylist IP Addresses for DDoS Routed Services

Description

Silverline allows customers to denylist (formerly blacklist) source IP addresses so that traffic from these source IP addresses is always dropped. This article outlines how to denylist IP addresses for Routed services.

 

Environment

  • Silverline DDoS
    • Routed
  • DDoS IP Denylist

 

Procedure 

1. In the Portal, navigate to Config > IP Management > IP Denylists

2. This opens the IP Management page on the Denylists tab, which has 2 sub-tabs: Proxy Denylist and Routed Denylist.

Select the Routed Denylist tab. (For adding denylisted IPs to Proxy Services, see Denylisting IP Addresses for Proxy Services.)

 

3. To add a new Denylist, select the +Add button in the upper right.

 

4.Enter the IP addresses and/or subnets, one per line, that you wish to denylist.

Screen_Shot_2020-10-20_at_6.15.42_AM.png

  • You may specify an expiration period, if required.

How to Format the IPs

An IP address is entered in the normal four tuple format.  An example of a prefix would be:

80.20.32.0/24 - this would block any address in the range 80.20.32.1 - 80.20.32.255.

  Be sure to not add Restricted IP Addresses.  

 

5. Click Save. The drop-down will show 3 choices: Add to Proxy Denylist, Add to Routed Denylist, Add to Proxy and Routed Denylist.

  • Choose Add to Routed Denylist to block the specified IPs on your routed services.
  • Choose Add to Proxy and Routed Denylist to block the specified IPs on both your routed and proxy services (Only applies if you have both of these services).

 

Related Content

 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request