Overview
Menu

IP and IP Segment Grouping

Function Description

IP/subnet grouping contains IP or CIDR subnet list. You can use this IP/subnet grouping in DDoS protection, Web Protection, and Bot Management rules, or in cross-site similar rules to simplify configuration maintenance operations.
Note:
1. IP/subnet grouping supports cross-site usage. You can use the IP/subnet grouping in other sites directly after creating a new IP/subnet grouping to ensure the consistency of different site policies.
2. Up to 20,000 IP/subnet groupings can be added to the blocklist/allowlist under the same site, with a maximum of 16 IP groupings.

Scenario: Group management of IP information with business threats

Example scenario

A large game customer has connected sites example.com and site.com. Currently, through the security intelligence library and their own business security, a blocklist of IPs with business threats has been identified. These IP addresses will change dynamically, so they need to be updated in real-time and applied to all site domain names, instantly blocking these IPs.

Directions

1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target site to enter the site details page.
2. On the site details page, click Security Protection > General Settings to enter the configuration option details page.
3. In the IP and subnet grouping card, click Set.



4. Click Create to create a new group, enter the group name and the IP addresses or IP address segments included in the group, such as: 1.1.1.1/23;1.2.2.2. Separate multiple addresses with a return.



5. Click Save to complete the IP group creation. After the group is created, in this scenario, you need to disable all IP access within the group. You can add Basic access control rules on the Web Protection > Custom rule page of example.com and site.com, respectively. When adding rules, select to block when the Client IP is equal to the group name, which will block all IP access within the group and update dynamically based on the IPs included in the group. For detailed configuration steps, refer to Custom rule.



6. (Optional) After configuring the rules, if you identify new risky IPs that need to be added to the group and applied to all sites, you can follow steps 1-3 to re-enter the site where the template was created, click Edit, enter the new IP addresses, and click Save to apply the new IPs to all protection policies that use this group.