If the server IP is attacked, you can choose advanced anti DDoS IP or advanced anti DDoS server. If the attack bypasses the advanced anti DDoS and directly hits the origin IP, you need to replace the origin IP. If it is not convenient to change the IP of the source station or the IP has already been changed, it is recommended to add an SLB (load balancing) in front of the backend ECs.
服务器 IP 被攻击可以购买高防 IP，如果还存在攻击绕过高防直接打到源站 IP 的情况，就需要更换下源站 IP 了。
If the server IP is attacked, you can purchase advanced anti DDoS IP. If there is a situation that the attack bypasses advanced anti DDoS and directly hits the source IP, you need to replace the next source IP.
如果不方便换源站 IP 或已经换过 IP 了，建议在后端 ECS 前加挂一台 SLB（负载均衡），添加后架构为：客户端–>高防–>SLB–>ECS，需要在高防上填写 SLB 的地址作为回源地址。
If it is not convenient to change the IP of the source station or the IP has already been changed, it is recommended to add an SLB (load balancing) in front of the backend ECs. After adding, the architecture is: client – & gt; advanced anti DDoS – & gt; SLB – & gt; ECS. You need to fill in the address of SLB on advanced anti DDoS as the return source address.
这样即使攻击直接打源站，使得源站 IP 被黑洞，通过高防去访问服务器依然不受影响。因为 SLB 到源站的访问（这部分流量走内网，源站进黑洞无影响）还是正常的，高防也还是可以通过 SLB 去请求源站。
In this way, even if the attack hits the origin directly, the origin IP will be black hole, and the access to the server through the advanced anti DDoS will not be affected. Because the access from SLB to the source station (this part of the traffic goes through the intranet, and the black hole of the source station has no effect), advanced anti DDoS can also request the source station through SLB.
一般源站 IP 暴露的可能原因
Possible causes of IP exposure of general origin
1. There are security risks such as Trojans and Backdoors in the server. If there is no security technician to check, you can choose the security services provided by professional cloud service providers.
2、有一些其他的源站服务没有走高防，比如邮件服务器的 mx 记录、bbs 记录等除了 web 以外的记录，请仔细检查 DNS 解析的全部内容，确保没有记录解析到源站 IP。
2. There are some other source services that are not highly defensible, such as MX records of mail server, BBS records and other records except for web. Please carefully check all contents of DNS resolution to ensure that no records are resolved to the source IP.
3、网站源码信息泄露，如 phpinfo()中可能包含的 IP 地址等。
3. The source code information of the website is disclosed, such as the IP address that may be included in phpinfo().
4、某些恶意扫描（可通过在源站上只允许高防回源 IP 来防护）。
4. Some malicious scans (can be protected by only allowing highly anti loopback source IP on the origin).
高防 IP 推荐：腾讯云 T-Sec DDoS 高防 IP
Advanced anti DDoS IP recommendation: Tencent cloud t-sec DDoS advanced anti DDoS IP