Edge Security
  • Overview
  • DDoS Protection
    • DDoS Protection Overview
    • Exclusive DDoS Protection Usage
    • Configuration of Exclusive DDoS protection Rules
      • Increase DDoS Protection Level
      • Exclusive DDoS Traffic Alarm
      • Configuration IP blocklist/allowlist
      • Configuration Region Blocking Rule
      • Configuration Port Filtering
      • Configuration Features Filtering
      • Configuration Protocol Blocking Rule
      • Configuration Connections Attack Protection
      • Related References
        • Action
        • Related Concepts Introduction
  • Web Protection
    • Overview
    • Managed rules
    • CC attack defense
    • Custom rule
    • Custom Rate Limiting Rules
    • Exception Rules
    • Managed Custom Rules
    • Web security monitoring alarm
    • Refer
      • Web Protection Request Processing Order
      • Action
      • Match Condition
  • Bot Management
    • Overview
    • Bot Intelligent analysis
    • Bot Basic Feature Management
    • Client Reputation
    • Active Detection
    • Custom Bot Rule
    • Bot Exception Rule
    • Related References
      • Action
  • Rules Template
  • IP and IP Segment Grouping
  • Origin Protection
  • Custom Response Page
  • Alarm Notification
  • SSL/TLS
    • Overview
    • Deploying/Updating SSL Certificate for A Domain Name
    • Configuring A Free Certificate for A Domain Name
    • HTTPS Configuration
      • Forced HTTPS Access
      • Enabling HSTS
      • SSL/TLS Security Configuration
        • Configuring SSL/TLS Security
        • TLS Versions and Cipher Suites
      • Enabling OCSP Stapling

IP and IP Segment Grouping

An IP group contains a list of IPs or CIDR IP ranges. You can reference the IP group in DDoS protection and Web protection rules to simplify configuration and maintenance.
Note:
1. IP groups support cross-site usage. After creating an IP group, you can directly reference it in other sites to ensure consistent policies across different sites.
2. Up to 100 groups can be configured under the same account, and each IP group can include up to 2,000 IPs or CIDR IP ranges. To configure IP group matching in Web protection rules, see Match Condition for related limits.

Scenario: Group Management of IP Information with Business Threats

Example Scenario

A large game customer has connected sites example.com and site.com. Currently, through the security intelligence library and their own business security, a blocklist of IPs with business threats has been identified. These IP addresses will change dynamically, so they need to be updated in real-time and applied to all site domain names, instantly blocking these IPs.

Directions

1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target Site.
2. On the site detail page, click Security > General Settings.
3. In the IP groups tab, click Edit.
4. Click Create to create a group. Enter the group name and the IP address or IP range contained in the group, such as 1.1.1.1/23 and 1.2.2.2. Separate multiple IP addresses with carriage returns.
5. Click Save to complete the IP group creation.

6. After creating the IP group, as an example for this scenario, you need to disable access for all IPs within the group. You can add basic access control rules on the example.com and site.com's Web Security page. When adding rules, choose Client IP equals the group name to perform Block. This will intercept all IP access within the group and dynamically update based on included IPs. For detailed configuration steps, refer to Custom Rules.

7. (Optional) After configuring the rules, if you identify new risky IPs that need to be added to the group and applied to all sites, you can follow steps 1-3 to re-enter the site where the template was created, click Edit, enter the new IP addresses, and click Save to apply the new IPs to all protection policies that use this group.