A Distributed Denial of Service attack, or DDoS attack, floods a server or network with traffic from many sources at once, aiming to overwhelm it so real users cannot get through. The flood of requests uses up bandwidth, processing power, or connection limits until the service slows down or crashes.
An attacker typically controls a large number of compromised devices, often called a botnet, spread across many networks and locations. The attacker commands all these devices to send requests to the same target at the same time. Because the traffic comes from thousands of different IP addresses, it is much harder to block than an attack from a single source. Some DDoS attacks aim to exhaust bandwidth, while others target application weaknesses to use up server resources with fewer requests.
Match the strength of this control to what is actually at risk in the workflow.
USER-country-de-session-task01The credential string is the only configuration needed -- "country-de" sets the exit, "session-task01" keeps it consistent, and ddos is handled by the gateway rather than your application code.
Test the setup with a leak-test tool or packet capture to confirm this protection is actually working, not just configured.
Pair this with sane session handling and header hygiene -- no single control covers a full workflow on its own.
Apply the strongest version of this control to logins, payments, and personal data -- it is overkill for public information.
Do not let two workflows that need to stay separate for privacy or account reasons share the same session or IP.
An online store goes offline during a big sale after a botnet floods its servers with millions of fake requests per minute.
DDoS attacks can take a business offline for hours, causing lost revenue and damaged trust. Companies rely on traffic filtering, rate limiting, and large-scale network defenses to absorb and block these floods.
A regular spike comes from real users and grows gradually, while a DDoS attack arrives suddenly from many machines with the clear goal of overwhelming the service. Traffic patterns and request behavior usually reveal the difference.
Reverse proxies and content delivery networks can absorb and filter attack traffic before the traffic reaches the origin server. This approach is a common part of DDoS defense.
Ready to put this into practice? Security Documentation
Start a free trial and test with real targets -- no credit card, no sales call.