Contact Us
If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.
I. Solomon
13
Article
Last Month
-69.23%
Avoiding False Positives With Cloudflare Bots-Based WAF Rules
Published February 19th, 2025 by I. Solomon
Cloudflare Bot Management is designed to protect websites and web applications from malicious bot activities. It leverages machine learning, behavioral analysis, and fingerprinting techniques to accurately identify and mitigate harmful bots. Cloudflare offers customizable bot management rules, allowing businesses to tailor their protection strategie
Akamai WAF Best Practices
Published February 19th, 2025 by I. Solomon
This document describes the best practice definitions based on the experience of the Red Button company. The experience includes implementation with many customers, testing and participating in real DDoS attacks that Akamai WAF was the main defense. [1] Every time a setting is changed in WAF, the user is required to approve a new version . Before
Akamai Site Shield
Published February 19th, 2025 by I. Solomon
DDoS mitigation often involves placing a CDN or significant reverse proxies as a protection layer before web services. However, sophisticated attackers may attempt to reveal the origin network or IP address and attack directly, rendering the mitigation layer ineffective. This is known as a ‘Direct-to-Origin’ (D2O) attack. Site Shield, provided by
Cloudflare Best Practices for DDoS Protection
Published February 10th, 2025 by I. Solomon
Introduction This article outlines the best practices for implementing Cloudflare Cloud Web Application Firewall (WAF) security configurations that are essential for application DDoS protection. It is aligned with the Red Button DDoS mitigation strategy and serves as a guideline for optimizing Cloudflare Cloud WAF for customers. Article Overview The
Understanding DDoS Attack Vectors
Published February 11th, 2025 by I. Solomon
Volumetric attacks - Test your ability to withstand extreme and sustained attacks. Includes UDP floods and ICMP floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps). Application-layer attacks - Send excessive HTTP/S GET or POST requests to test your resistance to resource exh
AWS DDoS Mitigation Best Practices
Published February 10th, 2025 by I. Solomon
Introduction This article aims to assist users in implementing comprehensive Distributed Denial of Service (DDoS) protection using AWS utilities. It serves as a hands-on implementation manual aligned with the AWS DDoS mitigation strategy. Users are encouraged to read the AWS DDoS mitigation strategy document prior to this guide. The following sectio
Akamai Caching Recommendations
Published February 19th, 2025 by I. Solomon
Introduction This article provides recommendations for optimizing Akamai caching configurations. Akamai’s CDN caching service acts as a valuable layer of DDoS protection. When an attacker targets static (cacheable) content, the CDN’s caching servers serve it, preventing the attack from reaching its origin and effectively absorbing it. Red Button enc
Basic Rate Limit Configuration for DDoS Protection
Published February 19th, 2025 by I. Solomon
Rate limit rules are essential for protecting against Distributed denial-of-service (DDoS) attacks by controlling the rate of incoming traffic to critical resources. By distinguishing between legitimate and malicious traffic, these rules help prevent service disruption and resource exhaustion. Proper configuration and calibration ensure that rate li
DDoS Mitigation Strategy Using Imperva Web Protection
Published February 10th, 2025 by I. Solomon
Overview: This article provides a comprehensive strategy for mitigating Distributed Denial of Service (DDoS) attacks using Imperva Web Protection (formerly Incapsula). The outlined approach aims to enhance web application security through structured configuration and proactive measures. Key Components of the DDoS Mitigation Strategy: Mapping Web End
JA3/JA4 Fingerprints
Published March 5th, 2025 by I. Solomon
Overview JA3 and JA4 are cryptographic fingerprinting techniques used to identify and analyze Transport Layer Security (TLS) client and server communications. These fingerprints help security teams detect malicious activities, including botnets, malware, and evasive threats that disguise themselves in encrypted traffic. What is JA3? JA3 is a method
AWS Shield Advanced DDoS Visibility with CloudWatch
Published February 10th, 2025 by I. Solomon
Introduction AWS Shield Advanced offers enhanced Distributed Denial of Service (DDoS) protection, enabling organizations to detect, mitigate, and respond to DDoS attacks in real-time. Integration with AWS CloudWatch is a pivotal feature, providing continuous visibility into DDoS activity and aiding in maintaining a robust security posture. This arti
Web Challenges Procedure for DDoS Mitigation
Published February 19th, 2025 by I. Solomon
Web challenges or web-based verification methods are crucial in differentiating between human users and automated bots, particularly effective against layer 7 DDoS attacks involving numerous HTTP requests. Here are the common types of web challenges: Javascript: This challenge identifies legitimate browsers that support Javascript, which most bots c
Common DDoS Attack Vectors
Published February 12th, 2025 by I. Solomon
DDoS attack vectors are the methods used by attackers to overwhelm a target system, network, or service with excessive traffic, causing disruption or denial of access to legitimate users, and the list below highlights some of the more common available attack vectors. Layer Type AV Description Network TCP SYN flood TCP-based flood attack, abusing the
Load More