Do I have to set up anything for L3/L4 DDoS protection?

Network and transport layers (L3/L4) DDoS protection is turned on by default. 

Navigate to ‘CDN’ > 'Enhanced security' > 'DDoS protection' and you can see the switches in the ‘Network layer’ box are turned on by default.

Network and transport layers (L3/L4) DDoS with Mlytics

Your domain is automatically protected from:

  • TCP SYN flooding: attacks that exploit SYN part of the normal TCP 3-way handshake by overloading the targeted server with SYN segments, consuming the server’s resources, and rendering it unresponsive.
  • TCP ACK flooding: attacks that attempt to overload a server with ACK segments, denying service to other users by slowing down or crashing the target server using junk data.
  • UDP flooding: attacks in which a large number of UDP packets are sent to a targeted server with the aim of overwhelming that device’s ability to process and respond.
  • Reflection attacks: attacks in which a very large number of forged UDP or TCP DNS requests that are bound to be sent from multiple DNS providers to a targeted server, that aims to overload the server and render it unresponsive.

The network and transport layers (L3/L4) DDoS protection cannot be deactivated for Pro plan and above