Do I have to set up anything for L3/L4 DDoS protection?
Network and transport layers (L3/L4) DDoS protection is turned on by default.
Navigate to ‘CDN’ > 'Enhanced security' > 'DDoS protection' and you can see the switches in the ‘Network layer’ box are turned on by default.
Network and transport layers (L3/L4) DDoS with Mlytics
Your domain is automatically protected from:
- TCP SYN flooding: attacks that exploit SYN part of the normal TCP 3-way handshake by overloading the targeted server with SYN segments, consuming the server’s resources, and rendering it unresponsive.
- TCP ACK flooding: attacks that attempt to overload a server with ACK segments, denying service to other users by slowing down or crashing the target server using junk data.
- UDP flooding: attacks in which a large number of UDP packets are sent to a targeted server with the aim of overwhelming that device’s ability to process and respond.
- Reflection attacks: attacks in which a very large number of forged UDP or TCP DNS requests that are bound to be sent from multiple DNS providers to a targeted server, that aims to overload the server and render it unresponsive.
The network and transport layers (L3/L4) DDoS protection cannot be deactivated for Pro plan and above