DDoS Protection & Rate Limiting


What are DDoS attacks?

Distributed Denial of Service (DDoS) attacks usually consist of a large number of requests to your website made by bots. This can result in server lag or in your website becoming unreachable, because the bandwidth allocated to your website is consumed by useless traffic rather than by your actual viewers.

Polaris' DDoS defense protects your web application across Layers 3, 4, and 7. Layer 7 defense is controlled via Rate Limiting, set by platform configuration settings. Layer 3 and 4 defense is provisioned via our Anycast network.

What is Rate Limiting?

Rate limiting is the process of controlling the number of requests that reach your web server within a set amount of time. That means that when a DDoS attack happens, instead of all the traffic flooding your servers at once, the WAAP acts as a traffic control guard, allowing only a certain amount to reach your server at a time.

DDoS Rate Limiting can be found under the Policies tab in your website settings. To access 'Settings', click the drop-down menu on the selected site:

Settings

Configuration

Click on the "Policies" tab to configure DDoS protection via Rate Limiting. See the configurations below:


DoS Protection

There are two categories of DDoS protection, global and client:
  1. Global protection sets the threshold for the number of connections from any source to the server.
  2. Client protection sets the threshold for the number of connections from any one particular user to the server.

There are two settings for each category, domain threshold and burst threshold, which limit the rate (Rate Limiting) at which requests may be made to your web application:
  1. Domain threshold refers to the minimum number of requests over a period of 10 seconds before DDoS protection is activated. This helps to identify DDoS attacks where requests slowly increase in number over a longer period of time. Minimum value: 5000
  2. Burst threshold refers to the minimum number of requests over a period of 5 seconds before DDoS protection is activated. This helps to identify DDoS attacks where there is a sudden increase in requests in a short period of time. Minimum value: 1000

Do note that there are minimum values for each field and that these are the default settings for DDoS protection. Once the relevant changes have been made, be sure to press the blue Update button to save your changes.
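
The two thresholds and the two categories described above, modelled as sliding-window counters and replayed over constructed traffic. This is an added example, not Polaris' implementation: the class and function names, the limit values, the sliding-window model and the "reached or exceeded" comparison are all assumptions.

```python
from collections import deque

WINDOWS_MS = {"domain": 10_000, "burst": 5_000}  # page: 10 s and 5 s windows


class Scope:
    """Sliding-window counters for one scope: all traffic, or one client."""

    def __init__(self, domain_threshold, burst_threshold):
        self.thresholds = {"domain": domain_threshold, "burst": burst_threshold}
        self.seen = {name: deque() for name in WINDOWS_MS}

    def hit(self, now_ms):
        """Record one request and return the thresholds it reached."""
        reached = set()
        for name, span in WINDOWS_MS.items():
            queue = self.seen[name]
            queue.append(now_ms)
            while queue[0] <= now_ms - span:  # drop requests outside the window
                queue.popleft()
            if len(queue) >= self.thresholds[name]:  # assumption: ">=" activates
                reached.add(name)
        return reached


def first_activations(events, global_limits, client_limits):
    """Replay time-ordered (time_ms, client) events.

    Returns {(scope, threshold): time_ms of first activation}, where scope is
    "global" or the client address.
    """
    global_scope, clients, first = Scope(*global_limits), {}, {}
    for now_ms, client in events:
        if client not in clients:
            clients[client] = Scope(*client_limits)
        for name in global_scope.hit(now_ms):
            first.setdefault(("global", name), now_ms)
        for name in clients[client].hit(now_ms):
            first.setdefault((client, name), now_ms)
    return first


# Constructed limits (domain, burst), at or above the page's minimums of 5000 and 1000.
GLOBAL_LIMITS = (8000, 6000)
CLIENT_LIMITS = (5000, 4000)

# Constructed traffic, one request per millisecond (1000 requests/s).
# Sustained flood spread over 50 clients for 10 s: 20 requests/s per client.
distributed = [(t, f"198.51.100.{t % 50}") for t in range(10_000)]
# One client sending on its own for 4.5 s.
single = [(t, "203.0.113.7") for t in range(4_500)]
```

In this sliding-window model the domain threshold can only fire on its own when it is set below twice the burst threshold, which is why the constructed limits are chosen that way. The distributed flood activates only the global domain threshold, while the single client activates only its own burst threshold.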

In addition to Rate Limiting, Polaris also utilizes horizontal scaling, its Anycast network, and Load Balancing to distribute traffic in mitigation of DDoS attacks.