DDoS Protection Overview
With the internet growing as fast as it is, it is becoming increasingly dangerous. Not only to browse the internet but to host services on the Internet. A common type of attack that is performed with malicious intentions, is a DDoS (Distributed Denial of Service) attack. Essentially, what this does is overloads the network and brings a site down. Luckily with DDoS protection, it can make your site so that it is still accessible in the event of such an attack.
However it is important to understand that DDoS protection is a filter, and like all filters there is a possibility of good traffic being filtered out as well. For this reason, we highly recommend that you do not use your DDoS protected IP space as your service’s primary IP address. DDoS protection is best to be kept in Sensor mode, so that it is not always activated, only activated when an attack is detected. When an attack is detected it will be made Active, in which it will start filtering traffic.
It is also encouraged to add SSL to your Layer 7 protection, if your website being protected traditionally utilizes an SSL Certificate. When Layer 7 protection is active and implemented without an SSL certificate added, your website’s SSL Certificate will not be applied correctly and may show warnings to your visitors.
For additional information on how to manage and control your service’s DDoS protection service, we have a neat article that can be found here.
- DDoS Protection Overview
- Protecting Your Origin IP To Prevent DDoS Attack With CloudFlare
- Configure BIND Server