Have you ever stopped to think about how many resources a search engine has or if your website could handle the same amount of search traffic that Google does? Search engines play an important role on the internet and with how websites perform. One may say that they are the actual doorway to the online […]
Tag Archives: ddos
Real-Time Fine-Tuning of the WAF via API
Though the Sucuri Firewall is simple to set up and protects your website immediately, it’s possible to have granular control of the WAF by using an API. For instance, there’s a specific filter inside the WAF dashboard called Emergency DDoS. This filter basically increases the strength of the DDoS protection to an “emergency” level where […]
Inside the infamous Mirai IoT Botnet: A Retrospective Analysis
This is a guest post by Elie Bursztein who writes about security and anti-abuse research. It was first published on his blog and has been lightly edited. This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds of thousands of compromised […]
On the Leading Edge – Cloudflare named a leader in The Forrester Wave: DDoS Mitigation Solutions
Cloudflare has been recognized as a leader in the “Forrester WaveTM: DDoS Mitigation Solutions, Q4 2017.” The DDoS landscape continues to evolve. The increase in sophistication, frequency, and range of targets of DDoS attacks has placed greater demands on DDoS providers, many of which were evaluated in the report. This year, Cloudflare received the highest […]
The New DDoS Landscape
News outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? The greater the volume of traffic a victim receives, the harder to mitigate an attack – right? At least, this is how things used to work. An attacker would gain capacity […]
Testing the Impacts of Website Caching Tools
Try to remember what you ate for lunch yesterday. It took you about 3-5 seconds, right? Ok. Now recall that memory once more. Took you less than a second this time, for sure. You remembered much faster the second time around because you didn’t have to “query” that information again from your brain’s “storage”. The […]
DDoS Ransom: An Offer You Can Refuse
Cloudflare has covered DDoS ransom groups several times in the past. First, we reported on the copycat group claiming to be the Armada Collective and then not too long afterwards, we covered the “new” Lizard Squad. While in both cases the groups made threats that were ultimately empty, these types of security events can send […]
Website Application Firewalls (WAF) – Practical Approach to Website Security
In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article was to help website owners differentiate between the types of firewalls they might encounter. Today, I will shift my focus specifically to website application firewalls (WAF). WAFs are not new, but […]
SSH Brute Force Compromises Leading to DDoS
A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We configured five cloud servers on Linode and Digital Ocean with the root password set to “password.” The idea was to see how long it would… […]
Product Update: Sucuri Firewall in Tokyo, Japan
For the last couple of years, we have been transitioning the Sucuri Firewall (WAF) away from the cloud and expanding it to run on top of our own Anycast content delivery network (CDN). We provide security for websites using our service and felt we needed to couple the performance benefits of a CDN with the… […]
