dos.yaml Reference

The dos.yaml file provides the controls to blacklist IP addresses or subnets to protect your app from Denial of Service (DOS) attacks or similar forms of abuse. For more information, see Configuring DoS protection.

By default, App Engine serves a generic error page to blacklisted addresses. You can configure your app to serve a custom response instead. For details, see the app.yaml reference on error handlers.


The following is an example dos.yaml file:

- subnet:
  description: a single IP address
- subnet:
  description: an IPv4 subnet
- subnet: 2001:DB8::1
  description: an IPv6 address
- subnet: 2001:DB8::/32
  description: an IPv6 subnet


A dos.yaml file in the root directory of your application alongside app.yaml: it configures DoS Protection Service blacklists for your application.

The syntax of dos.yaml is the YAML format. For more information about this syntax, see the YAML website.
Element Description
description An optional description for the blacklist entry.
subnet Required. The subnet value is any valid IPv4 or IPv6 subnet in CIDR notation.

Deploying the DoS configuration file

To deploy the DoS configuration file, run the following command:


gcloud app deploy dos.yaml


If you install the original App Engine SDK, you can run: update_dos [YOUR_APP_DIR]

Deleting all DoS configuration

To delete all DoS configuration:

  1. Edit the contents of the dos.yaml file to:

  2. Deploy the dos.yaml file to App Engine.


You can define a maximum of 100 blacklist entries in your configuration file. Uploading a configuration file with more than 100 entries will fail.

Var denne siden nyttig? Si fra hva du synes:

Send tilbakemelding om ...

App Engine standard environment for Python 2