A DDoS attack does not try to break in — it tries to drown you in traffic until real visitors cannot get through. Here is how our network keeps that from becoming your problem.
Three layers of filtering
- Volumetric scrubbing — massive floods are absorbed and filtered at the network edge, far from your server.
- Protocol defence — SYN/UDP/ICMP abuse is rate-limited and challenged automatically.
- Application layer — Layer-7 rules catch bot floods that try to look like real page views.
Always on, no toggle required
Protection is enabled on every plan by default — there is no separate add-on to buy and nothing to switch on during an incident. Mitigation kicks in within seconds of an anomaly being detected.
What you should still do
Keep software patched, put a CDN in front of static assets, and use strong origin firewall rules. Defence in depth always beats a single magic switch.