[EDU-6107] AI documentation update - 2025-01-24 - ddos mitigation #1461

Open: wants to merge 1 commit into base: main
Expand Up @@ -90,6 +90,16 @@ Some examples of detection and mitigation techniques employed include:
* Standby rules (to be used in response to incidents as they happen).
* Techniques to prevent brute force attacks.

### Creating Blocking Rules Using Regex
You can create custom blocking rules using Regex to filter multiple URIs. This is useful for blocking requests that match certain patterns. For instance, to block requests with specific patterns in their URIs, you can define a Regex pattern in the Edge Firewall.

[TECHWRITER TODO: INSERT EXAMPLE OF REGEX FOR BLOCKING MULTIPLE URIS]

### Blocking Requests Based on User-Agent
To block requests based on User-Agent strings, you can configure rules in Azion's Edge Firewall. This can be done through direct matching or using Regex to identify patterns in the User-Agent strings.

[TECHWRITER TODO: INSERT EXAMPLES OF BLOCKING USER-AGENT STRINGS USING DIRECT MATCHING AND REGEX]

:::tip
You can implement custom rules to mitigate specific attacks, using [Edge Firewall](/en/documentation/products/secure/edge-firewall/), a programmable firewall at the edge equipped with Network Layer Protection, Rate Limiting, WAF, and Bot Manager.
:::
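Review bot: Both added sections still carry unresolved placeholders, `[TECHWRITER TODO: INSERT EXAMPLE OF REGEX FOR BLOCKING MULTIPLE URIS]` and `[TECHWRITER TODO: INSERT EXAMPLES OF BLOCKING USER-AGENT STRINGS USING DIRECT MATCHING AND REGEX]`, which would be published verbatim; write the examples or hold the sections back until they exist. In "Creating Blocking Rules Using Regex" the "For instance" sentence restates the sentence before it without naming a criterion, an operator or a pattern, so a reader cannot build a rule from it. When the regex example is written, state whether the pattern is anchored, since an unanchored pattern can match more URIs than intended and block legitimate requests. In "Blocking Requests Based on User-Agent", add a sentence saying that the header is supplied by the client, so a rule on it only filters clients that do not change it and should be paired with the other controls the tip below lists.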
Expand All @@ -104,6 +114,11 @@ Attack records and monitoring can be done through Azion **Real-Time Events**, **

Azion prioritizes algorithm development for automatic detection and blocking of attacks. Once a threat is identified, the Azion [Security Response Team (SRT)](/en/documentation/services/security-response-team/) tracks threats end-to-end and may come to apply customized rules to mitigate sophisticated network, transport, presentation, and application-layer DDoS attacks. These rules will be instantly enforced by the real-time architecture of **Edge Firewall**, allowing you to quickly and efficiently protect your content or application.

### Feeding a Network List using Azion's API
To automatically block an IP address after it has made a certain number of requests, you can utilize Azion's API to feed a Network List. This includes setting up authentication, determining the correct data format, and making the necessary API requests.

[TECHWRITER TODO: INSERT DETAILED INSTRUCTIONS ON HOW TO AUTHENTICATE, FORMAT DATA, AND MAKE EXAMPLE REQUESTS USING AZION'S API]

:::tip
The Security Response Team (SRT) can be contacted during or after an attack, or even preventively, in the construction of customized rules. This service is available as an add-on for **Enterprise** and **Mission Critical** service plans.
:::
:::
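Review bot: The new "Feeding a Network List using Azion's API" section consists of one introductory paragraph and the placeholder `[TECHWRITER TODO: INSERT DETAILED INSTRUCTIONS ON HOW TO AUTHENTICATE, FORMAT DATA, AND MAKE EXAMPLE REQUESTS USING AZION'S API]`, so it promises a procedure it does not give; fill it in or drop the section from this change. The paragraph says an IP address is blocked "after it has made a certain number of requests" but does not say what counts the requests or how this differs from the Rate Limiting that the Edge Firewall tip earlier in the file already names. When the steps are written, cover how the API credential is stored and scoped, and how entries are reviewed and removed from the Network List, so an address added automatically does not stay blocked indefinitely.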