In today’s digital landscape, the threat of DDoS attacks looms large over cloud-based infrastructure. These distributed denial-of-service attacks have the potential to cripple online services, causing significant downtime and financial losses. As businesses increasingly rely on cloud platforms like Linode for their operations, the need for robust DDoS protection has become paramount to ensure continuous availability and security of critical applications and data.
This article delves into advanced strategies to enhance DDoS protection for Linode cloud environments. It explores Linode’s built-in security features and examines cutting-edge mitigation techniques, including the use of Web Application Firewalls and load balancing. The discussion also covers the importance of network monitoring, traffic analysis, and implementing cybersecurity best practices to strengthen cloud security. By understanding these advanced protection methods, organizations can better safeguard their Linode infrastructure against the ever-evolving landscape of DDoS threats.
Understanding DDoS Attacks in Cloud Environments
Distributed Denial-of-Service (DDoS) attacks have become a significant threat to cloud environments, causing service disruptions and financial losses. These attacks aim to overwhelm targeted servers, services, or networks by flooding them with a massive volume of Internet traffic [1]. In cloud-based infrastructures, DDoS attacks can affect all layers of the system, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) [2].
Types of DDoS Attacks
DDoS attacks can be categorized into several types, each targeting different components of a network connection:
- Application Layer Attacks: These attacks focus on exhausting the target’s resources by overwhelming the layer where web pages are generated and delivered in response to HTTP requests [1].
- Protocol Attacks: Also known as state-exhaustion attacks, these target vulnerabilities in layer 3 and layer 4 of the protocol stack. They aim to consume server resources and network equipment such as firewalls and load balancers [1].
- Volumetric Attacks: These attacks attempt to create congestion by consuming all available bandwidth between the target and the larger Internet. They often use amplification techniques or botnets to generate massive traffic volumes [1].
- IP Spoofing Attacks: In this type of attack, packet transmissions between the end-user and the cloud server are intercepted, and their headers are modified to forge the IP source field [2].
- SYN Flooding Attacks: These attacks exploit the TCP three-way handshake process by sending a large number of SYN packets without completing the handshake, leaving the server waiting for responses and unable to process legitimate requests [2].
- Smurf Attacks: Attackers send a high volume of ICMP echo requests with a spoofed source IP address, causing the victim to be flooded with broadcast responses [2].
Impact on Cloud Infrastructure
DDoS attacks can have severe consequences for cloud infrastructure:
- Service Interruptions: Attacks can cause slowdowns or complete unavailability of cloud services, affecting multiple data center locations and disrupting DNS infrastructure [3].
- Resource Exhaustion: DDoS attacks can overwhelm cloud resources, making it difficult for legitimate users to access services and potentially affecting other clients sharing the same infrastructure [3].
- Financial Losses: The global economic impact of DDoS attacks has resulted in hundreds of billions of dollars in losses [4].
- Reputation Damage: Prolonged or frequent attacks can erode customer trust and damage the cloud provider’s reputation.
Vulnerabilities in Linode Cloud
While Linode implements various security measures, certain vulnerabilities can still be exploited:
- Network Infrastructure: Attacks targeting Linode’s network infrastructure can be challenging to mitigate due to the segmentation of customers into individual subnets and the presence of numerous secondary IP addresses on routers [4].
- Colocation Providers: Attackers may target the cross-connects between Linode’s infrastructure and its colocation partners, making mitigation even more complex [4].
- Public-facing Services: Linode’s websites, authoritative nameservers, and other public services can be targeted by volumetric attacks [4].
- Customer IPs: Individual customer IP addresses within the Linode network can be targeted, potentially affecting the wider network if not properly isolated [4].
To combat these threats, Linode employs various mitigation techniques, including remote-triggered blackholing, which allows them to drop all traffic destined for a specific IP address when under attack [4]. However, this approach has limitations, especially when critical infrastructure components are targeted.
Understanding the nature of DDoS attacks in cloud environments is crucial for developing effective protection strategies. As attacks become more sophisticated, cloud providers like Linode must continually adapt their defenses to ensure the security and availability of their services.
Linode’s Built-in DDoS Protection Features
Linode has implemented advanced DDoS protection features to safeguard its customers’ servers and applications from potential attacks. This protection is now available for free to all Linode customers, providing an additional layer of security without adding latency to the cloud experience [5]. The built-in DDoS protection is designed to shield infrastructure from unforeseen downtime and latency caused by distributed denial-of-service attacks [5].
Network-level Mitigation
Linode’s DDoS protection operates at the network level, offering high-capacity protection against denial of service and web attacks [6]. This always-on protection is fully automated and integrated into Linode’s Next Generation Network, ensuring that customers’ infrastructure is continuously monitored and protected [5]. The network-level mitigation helps to maintain service availability and performance, even in the face of large-scale attacks.
Traffic Analysis and Filtering
A key component of Linode’s DDoS protection strategy is its advanced traffic analysis and filtering capabilities. The system employs a combination of machine learning and rules-based approaches to intelligently analyze and block malicious traffic [5]. This sophisticated analysis allows Linode to differentiate between legitimate user traffic and potential threats, minimizing the risk of false positives.
The traffic filtering process involves:
- Continuous monitoring of network traffic for potential threats
- Real-time analysis of traffic patterns and behaviors
- Automatic creation of rules to keep good traffic while blocking threats
- Inline blocking of identified malicious traffic
This multi-layered approach to traffic analysis and filtering helps to ensure that legitimate users can access services without interruption while effectively mitigating DDoS attacks.
Automatic Threat Detection
Linode’s DDoS protection features include an advanced automatic threat detection system. This system is designed to identify and respond to potential threats quickly and efficiently. Key aspects of the automatic threat detection include:
- Always-on monitoring: The protection system continuously monitors the network for signs of DDoS attacks or other security threats [6].
- Machine learning-based analysis: Threats are detected, analyzed, and blocked inline using advanced machine learning algorithms [6]. This allows the system to adapt to new attack patterns and improve its detection capabilities over time.
- Intelligent rule creation: Based on the analysis of traffic patterns, the system automatically creates rules that allow legitimate traffic to pass while blocking identified threats [6]. This dynamic rule creation helps to maintain a balance between security and accessibility.
- Rapid response: When a threat is detected, the system can quickly implement mitigation measures to protect the affected infrastructure.
It’s important to note that while Linode’s built-in DDoS protection offers robust defense against many types of attacks, it does have some limitations. The service primarily focuses on larger-scale attacks and may not protect against smaller layer 7 attacks [5]. For comprehensive protection, customers are advised to implement additional security measures at the application level.
Linode’s approach to DDoS protection allows customers to scale their infrastructure with confidence, knowing that they have a strong defense against potential attacks. The combination of network-level mitigation, advanced traffic analysis, and automatic threat detection provides a comprehensive solution for protecting cloud-based services from DDoS threats.
By offering this protection as a free, integrated feature, Linode demonstrates its commitment to providing a secure and reliable cloud environment for its customers. This proactive approach to security helps businesses maintain their online presence and minimize the risk of service disruptions due to malicious attacks.
Advanced DDoS Mitigation Techniques
As DDoS attacks become increasingly sophisticated, organizations must employ advanced mitigation techniques to protect their infrastructure. This section explores three key strategies: traffic scrubbing, rate limiting, and IP reputation filtering.
Traffic Scrubbing
Traffic scrubbing has emerged as a powerful technique to counter large-scale DDoS attacks. This method involves redirecting traffic destined for a particular IP address range to specialized datacenters, where malicious traffic is “scrubbed” or cleaned before legitimate traffic is forwarded to the target destination [7].
Most DDoS scrubbing providers operate three to seven globally distributed scrubbing centers, each equipped with DDoS mitigation equipment and substantial bandwidth capacity, often exceeding 350Gbps [7]. When under attack, customers can “push the button” to redirect all traffic to the nearest scrubbing center for cleaning.
Organizations typically utilize scrubbing centers in two ways:
- Always-on protection: Routing traffic through scrubbing centers continuously.
- On-demand protection: Redirecting traffic only when an attack occurs.
To enhance protection against a broad range of attack vectors, many organizations adopt hybrid models. These often combine on-premise systems as the first line of defense with scrubbing centers stepping in when local defenses are overwhelmed [7]. Seamless integration between cloud and on-premise solutions is crucial to minimize downtime during attacks.
While scrubbing centers primarily protect infrastructure within a customer’s environment, such as DNS servers and mail relays, organizations are increasingly turning to content distribution network (CDN)-based DDoS mitigation services to safeguard web and mobile applications, as well as API traffic for IoT applications [7].
Rate Limiting
Rate limiting is an essential technique for mitigating DDoS attacks by restricting the number of requests a user or IP address can make within a specified timeframe. This method effectively filters out malicious traffic and prevents DDoS attacks by ensuring that legitimate requests can reach the system without impacting overall application performance [8].
There are several approaches to implementing rate limiting:
- User rate limits: The most common method, tracking requests by user IP address or API key.
- Geographic rate limits: Setting limits for specific regions.
- Server rate limits: Applying limits at the server level for different parts of an application.
Rate limiting algorithms include:
- Fixed-window: Restricts requests within a set timeframe.
- Leaky bucket: Focuses on fixed-length request queues without specific timeframes.
- Sliding-window: Starts the timeframe when a new request is made.
To effectively configure rate limiting, organizations should implement granular control, use dynamic adjustments based on real-time scenarios, and employ proper monitoring and logging systems [8]. This approach helps reduce false positives and ensures genuine users can access services without interruption.
IP Reputation Filtering
IP reputation filtering is a proactive approach to DDoS mitigation that leverages historical data and behavior patterns to identify and block potentially malicious traffic. This technique involves building a database of known malicious IP addresses and using this information to filter incoming requests.
One innovative implementation of IP reputation filtering is Cloudflare’s Advanced DNS Protection system. This system builds a data model of each customer’s expected DNS queries based on historical records. By inspecting every DNS query sent to Magic Transit customers, the system can more accurately decide which queries are legitimate and which should be dropped [9].
Key features of advanced IP reputation filtering systems include:
- Continuous data processing and profile updates
- Compact representation of query data for efficient distribution
- Built-in tolerance for unexpected but potentially legitimate queries
By leveraging machine learning and real-time analysis, these systems can adapt to evolving threat landscapes and provide more effective protection against sophisticated DDoS attacks.
Implementing a comprehensive DDoS mitigation strategy often requires a combination of these advanced techniques. Organizations should consider their specific needs, infrastructure, and risk profile when selecting and configuring these solutions to ensure optimal protection against the ever-evolving threat of DDoS attacks.
Implementing Web Application Firewalls (WAF)
Web Application Firewalls (WAFs) have become an essential component in protecting applications from various cyber threats. A WAF prevents malicious traffic from interacting with an application and safeguards data from unauthorized access [10]. This layer of security is particularly crucial for web applications, which are vulnerable to attacks like cross-site scripting and SQL injections that can bypass broader network-level security configurations [10].
Benefits of WAF for DDoS Protection
WAFs offer significant advantages in mitigating Distributed Denial of Service (DDoS) attacks, especially at the application layer. Unlike lower-layer DDoS attacks that target network resources, application-layer DDoS attacks work by exhausting application-specific attributes such as login attempts. WAFs can keep state on existing sessions and track the rate of new connection attempts, allowing them to shut down DDoS attempts before they reach application servers [11].
Moreover, WAFs provide very granular control over application behavior, particularly for web-based applications. Many WAFs utilize deep-packet inspection (DPI) and other techniques to examine user traffic thoroughly [11]. This level of inspection enables WAFs to identify and block multiple classes of attacks that network firewalls might miss, including:
- Vulnerable Code Libraries: WAFs can identify and block attempts to exploit weak libraries by inspecting application-layer headers and, in some cases, body content [11].
- Deserialization Attacks: WAFs mitigate this threat by “pre-assembling” and inspecting data blocks before they reach the web application [11].
- Cross-Site Scripting (XSS) Attacks: Application firewalls can help by identifying and blocking malicious code embedded in input fields [11].
Configuring WAF Rules
Effective implementation of a WAF requires careful configuration of rules to balance security and functionality. Here are some key considerations when configuring WAF rules:
- Assess Your Application: Consider the volume of data your application handles and the sensitivity of that data. This assessment will help determine the level of protection required [10].
- Compliance Requirements: Choose a WAF that aligns with the compliance standards required for your application and data [10].
- Monitoring and Logging: Implement robust monitoring and logging features to gain visibility into incoming requests, IP addresses, and potential threats [10].
- Machine Learning Integration: Consider WAFs that use machine learning analysis to adapt to evolving security threats and standards [10].
- Regular Updates: Ensure that your WAF rules are regularly updated to protect against the latest vulnerabilities and attack vectors.
Integrating WAF with Linode
Linode offers several options for integrating WAF protection into your cloud infrastructure. One notable solution is the Haltdos Community WAF, which can be easily deployed through the Linode Marketplace. Here’s a brief overview of the integration process:
- Access the Marketplace: Log in to the Cloud Manager and select the Marketplace link from the left navigation menu [12].
- Select the App: Choose the Haltdos Community WAF from the available applications [12].
- Configure the Instance: Follow the steps to create a Compute Instance, selecting the appropriate plan and configuration options [12].
- Deploy the WAF: Once the instance is provisioned and fully powered on, wait for the software installation to complete [12].
- Access the WAF Interface: Navigate to port 9000 on your Linode’s IP address (https://$IPADDRESS:9000) to access the WAF configuration interface [12].
- Complete Registration: Follow the initial registration process, including email verification, to set up your Haltdos Community WAF account [12].
- Start Configuration: Once registration is complete, you can begin configuring the WAF to protect your applications [12].
By implementing a WAF on your Linode infrastructure, you add an essential layer of protection against various web-based threats, including DDoS attacks. The combination of Linode’s robust cloud platform and a well-configured WAF provides a comprehensive security solution for your web applications.
Load Balancing and Traffic Distribution
Load balancing is a crucial method for optimizing network performance and enhancing system endurance. It helps distribute work and load steadily between servers or components in the system, preventing overload and ensuring efficient operation [13]. By implementing load balancing strategies, organizations can significantly improve their ability to handle high traffic volumes and mitigate the impact of DDoS attacks.
Using Linode NodeBalancers
Linode offers NodeBalancers as a powerful tool for distributing traffic across multiple servers. NodeBalancers employ various load balancing methods to distribute access requests fairly and intelligently [13]. These methods include:
- Round Robin: Distributes requests sequentially across all available servers.
- Least Connections: Directs traffic to the server with the fewest active connections.
- IP Hash: Uses the client’s IP address to determine which server should handle the request.
- Layer 4 Load Balancing: Operates at the transport layer, making routing decisions based on IP addresses and ports.
- Layer 7 Load Balancing: Works at the application layer, allowing for more sophisticated traffic routing based on content type or specific URL patterns.
By leveraging these load balancing techniques, NodeBalancers ensure that requests from users are divided evenly among different servers, helping to avoid server overload and maintain high performance [13].
One limitation of NodeBalancers is the lack of root access, which can make it challenging to implement certain DDoS mitigation strategies, such as using iptables to block a range of malicious IPs [14]. However, NodeBalancers can be complemented with other security measures, such as mod_evasive in Apache, which can take countermeasures against IPs sending too many requests too quickly [14].
Geographic Distribution
Geographic distribution is an essential strategy for enhancing system resilience and mitigating the impact of DDoS attacks. By placing servers in multiple locations, organizations can disperse traffic and minimize the effect of an attack on the entire system [13]. This approach offers several benefits:
- Improved Response Time: Distributing servers across different geographic locations reduces latency for users, as they can connect to the nearest server.
- Enhanced Redundancy: If one region is under attack or experiencing issues, servers in other locations can continue to operate, ensuring system availability.
- Load Distribution: Traffic is naturally spread across multiple data centers, reducing the strain on any single location.
Linode’s global network is protected by advanced DDoS mitigation in all of its data centers, helping to fend off attacks on customer infrastructure [15]. This global distribution allows for more effective traffic management and attack mitigation.
Anycast DNS
Anycast DNS is a powerful technique for improving the resilience and performance of DNS infrastructure, which is often a primary target in DDoS attacks. Linode’s DDoS protection leverages Anycast technology to distribute traffic across its global fiber backbone [15].
Key benefits of Anycast DNS in DDoS mitigation include:
- Automatic Traffic Distribution: Anycast automatically routes requests to the nearest available server, helping to absorb and diffuse attack traffic.
- Improved Redundancy: If one DNS server is overwhelmed, traffic can be seamlessly redirected to other servers in the Anycast network.
- Faster Response Times: By routing DNS queries to the closest server, Anycast reduces latency and improves overall performance.
Linode’s implementation of Anycast DNS allows for rapid detection, analysis, and blocking of attacks on customer infrastructure in real-time [15]. The system uses machine learning to create rules automatically, intelligently rerouting malicious traffic during a DDoS event while maintaining good traffic flow [15].
By combining load balancing techniques, geographic distribution, and Anycast DNS, organizations can create a robust defense against DDoS attacks while ensuring high availability and performance for legitimate users. These strategies, when implemented effectively, provide a multi-layered approach to traffic management and security, essential for maintaining a resilient online presence in today’s threat landscape.
Monitoring and Alerting Systems
Effective monitoring and alerting systems are crucial for maintaining the security and performance of cloud infrastructure. These systems help administrators detect and respond to potential threats, including DDoS attacks, in a timely manner. Linode offers various tools and features to support comprehensive monitoring and alerting capabilities.
Real-time Traffic Analysis
Real-time traffic analysis is essential for identifying and mitigating DDoS attacks quickly. Linode’s DDoS protection system employs advanced techniques to monitor network traffic continuously:
- Always-on Protection: Linode’s DDoS mitigation system provides constant monitoring for threats to the network, ensuring round-the-clock protection for customer infrastructure [16].
- Machine Learning Analysis: The system uses machine learning algorithms to detect, analyze, and block threats inline. This approach allows for rapid identification of potential DDoS attacks and other security issues [16].
- Automatic Rule Creation: Based on the analysis, the system automatically creates rules that maintain good traffic flow while blocking identified threats. This dynamic approach helps to minimize false positives and ensure legitimate users can still access services during an attack [16].
For more granular monitoring, administrators can utilize tools like Nagios, which offers a built-in dashboard and a range of plugins to meet various monitoring needs [17]. Nagios provides comprehensive visibility into server performance, including CPU, memory, and I/O statistics, helping to isolate issues before they escalate into major problems [17].
Setting Up Custom Alerts
Custom alerts are crucial for promptly notifying administrators of potential security threats or performance issues. Linode provides several options for setting up and managing alerts:
- Linode Manager: The Linode Manager offers basic monitoring of system resource utilization, including Network, CPU, and Input/Output usage over the last 24 hours and 30 days [17]. While this provides a good overview, it’s often beneficial to set up more detailed custom alerts.
- Third-party Tools: Many monitoring tools compatible with Linode allow for custom alert configuration. For example:
- Nagios: Offers alert and notification capabilities that can be customized to suit specific needs [17].
- Zabbix: An open-source application that can monitor servers, networks, and applications, allowing for custom alert setups [17].
- OSSEC: A host-based intrusion detection system that performs log analysis and provides time-based alerting [17].
- Log Monitoring: Tools like Logwatch can be used to analyze and generate daily reports on system log activity, helping to identify unusual patterns that may indicate a security threat [17].
When setting up custom alerts, it’s important to consider factors such as threshold levels, alert frequency, and notification methods to ensure that administrators receive timely and relevant information without being overwhelmed by false alarms.
Incident Response Planning
An effective incident response plan is crucial for managing DDoS attacks and other security threats. While specific details of Linode’s internal response procedures are not publicly available, the following general principles can guide the development of an incident response plan:
- Rapid Detection: Utilize real-time monitoring tools to quickly identify potential DDoS attacks or other security incidents [16].
- Automated Mitigation: Implement systems that can automatically respond to detected threats, such as Linode’s DDoS protection which blocks malicious traffic inline [16].
- Escalation Procedures: Establish clear guidelines for when and how to escalate incidents to higher-level support or management.
- Communication Protocols: Define procedures for notifying affected customers and stakeholders during an incident.
- Post-incident Analysis: After resolving an incident, conduct a thorough analysis to improve future response strategies and prevent similar occurrences.
By combining robust monitoring tools, customized alerting systems, and a well-defined incident response plan, organizations can significantly enhance their ability to detect, mitigate, and recover from DDoS attacks and other security threats in their Linode cloud environment.
Best Practices for Application-Level Protection
Input Validation
Input validation is a critical component of application-level protection, ensuring that only properly formed data enters the system’s workflow. This practice prevents malformed data from persisting in the database and triggering malfunctions in downstream components [18]. To implement effective input validation:
- Validate data as early as possible in the data flow, preferably upon receipt from external parties.
- Subject data from all potentially untrusted sources to validation, including Internet-facing web clients and backend feeds from suppliers, partners, or regulators.
- Implement validation using programming techniques that enforce syntactic and semantic correctness, such as:
- Data type validators available in web application frameworks
- JSON Schema and XML Schema validation for structured data
- Type conversion with strict exception handling
- Range checks for numerical parameters and dates
- Regular expressions for structured data
Allowlist validation is particularly effective for user input fields, defining exactly what is authorized and, by definition, disallowing everything else [18]. For free-form text input, consider using:
- Normalization to ensure canonical encoding
- Character category allowlisting
- Individual character allowlisting for specific cases
It’s crucial to implement input validation on the server-side before any data processing occurs, as client-side validation can be circumvented by attackers [18].
API Rate Limiting
Rate limiting is an essential technique for protecting APIs from abuse and preventing resource exhaustion. It works by restricting access to resources based on predefined criteria, often using the client’s IP address as an identifier [8]. Key aspects of implementing effective API rate limiting include:
- Setting appropriate rate thresholds and time windows
- Implementing granular control based on IP addresses, API endpoints, and request parameters
- Using dynamic adjustments to adapt to changing traffic conditions
- Preventing false positives to ensure legitimate users maintain access
When configuring rate limits, organizations should consider historical traffic patterns, peak usage times, and expected user behavior to strike the right balance between security and usability [8].
Content Delivery Networks (CDNs)
Utilizing Content Delivery Networks (CDNs) can significantly enhance application-level protection while improving performance. CDNs, such as Cloudflare, offer several benefits for web applications hosted on platforms like Linode [19]:
- Downtime protection: CDNs can serve cached versions of your site during unexpected server outages.
- Lower server load: Edge servers respond to visitor requests with cached content, reducing the workload on origin servers.
- Faster response times: Geographically distributed edge servers deliver content to visitors more quickly.
CDNs also provide robust protection against Distributed Denial of Service (DDoS) attacks. While individual servers may struggle with large-scale attacks, CDN networks are engineered to absorb and deflect such threats effectively [19].
By implementing these best practices for application-level protection, organizations can significantly enhance their defense against various cyber threats, including DDoS attacks, while maintaining optimal performance and user experience.
Conclusion
To wrap up, the implementation of advanced DDoS protection strategies has a significant impact on Linode cloud security. The combination of built-in features, traffic scrubbing, and Web Application Firewalls provides a robust defense against evolving threats. What’s more, the use of load balancing and geographic distribution enhances system resilience and performance.
In the end, effective monitoring and alerting systems, coupled with best practices for application-level protection, form a comprehensive approach to safeguard cloud infrastructure. By adopting these strategies, organizations can better protect their Linode-hosted services from DDoS attacks, ensuring continued availability and security of their critical applications and data. This multifaceted approach is crucial to maintain a strong defense in today’s ever-changing cybersecurity landscape.
FAQs
Does Linode offer DDoS protection?
Yes, Linode provides advanced DDoS protection across its global network, which is implemented in all data centers to shield your infrastructure from attacks. This service is available to all customers at no additional cost.
What does advanced DDoS protection entail?
Advanced DDoS protection, such as Cloud Armor, offers continuous protection by detecting and mitigating DDoS attacks. This includes defense against volumetric attacks like SYN floods, UDP floods, and reflection attacks involving DNS and NTP.
How does cloud technology safeguard against DDoS attacks?
Cloud-based DDoS protection differs from traditional methods that use physical hardware. It employs distributed cloud resources to identify, mitigate, and absorb DDoS traffic, preventing it from impacting the targeted network or application.
What is the most effective method to mitigate DDoS attacks?
One of the most effective strategies is to minimize your attack surface. This can be achieved by using Content Distribution Networks (CDNs) or Load Balancers, which help distribute traffic and reduce direct internet access to sensitive parts of your infrastructure, such as database servers.
References
[1] – https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/
[2] – https://arxiv.org/pdf/1511.08839
[3] – https://securityintelligence.com/news/ddos-attacks-storm-linode-servers-worldwide/
[4] – https://www.linode.com/blog/cloud-computing/christmas-ddos-retrospective/
[5] – https://www.linode.com/blog/networking/ddos-an-additional-layer-of-security-from-linode/
[6] – https://www.linode.com/docs/products/networking/ddos-protection/?lang=es
[7] – https://www.computerweekly.com/news/252456702/How-traffic-scrubbing-can-guard-against-DDoS-attacks
[8] – https://www.getambassador.io/blog/configure-rate-limits-prevent-ddos-best-practices
[9] – https://blog.cloudflare.com/advanced-dns-protection
[10] – https://www.linode.com/blog/security/level-up-application-security-web-application-firewall/
[11] – https://www.linode.com/docs/guides/network-firewalls-vs-application-firewalls/
[12] – https://www.linode.com/marketplace/apps/haltdos/haltdos-community-waf/
[13] – https://www.vnetwork.vn/en-US/news/chong-ddos-cach-chong-ddos-cho-web-server-bao-mat-website-hieu-qua/
[14] – https://www.linode.com/community/questions/8860/nodebalancer-vs-ddos
[15] – https://www.linode.com/docs/products/networking/ddos-protection/
[16] – https://www.linode.com/products/ddos/
[17] – https://www.linode.com/docs/guides/uptime/monitoring/
[18] – https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html
[19] – https://www.linode.com/docs/guides/how-to-set-up-cloudflare-with-linode/
I visit daily a few web pages and websites to read articles or
reviews, but this weblog provides quality based content.