Mitigation - The Cloudflare Blog

SLP: a new DDoS amplification vector in the wild

April 25, 2023 2:07PM

Researchers have recently published the discovery of a new DDoS reflection/amplification attack vector leveraging the SLP protocol. Cloudflare expects the prevalence of SLP-based DDoS attacks to rise in the coming weeks...

How to drop 10 million packets per second

July 06, 2018 2:00PM

DDoS Mitigation Reliability Attacks Security

Internally our DDoS mitigation team is sometimes called "the packet droppers". When other teams build exciting products to do smart things with the traffic that passed through our network, we take joy in discovering novel ways of discarding it....

Marek Majkowski

Today we mitigated 1.1.1.1

June 01, 2018 2:13AM

Reliability Post Mortem Mitigation 1.1.1.1 DNS

Cloudflare is protected from attacks by the Gatebot DDoS mitigation pipeline. Gatebot performs hundreds of mitigations a day, shielding our infrastructure and our customers from L3 and L7 attacks....

Marek Majkowski

Rate Limiting: Delivering more rules, and greater control

May 21, 2018 9:41PM

Rate Limiting Product News Reliability Speed & Reliability Attacks

With more and more platforms taking the necessary precautions against DDoS attacks like integrating DDoS mitigation services and increasing bandwidth at weak points, Layer 3 and 4 attacks are just not as effective anymore....

Alex Cruz Farmer

Memcrashed - Major amplification attacks from UDP port 11211

February 27, 2018 2:38PM

DDoS Developers Mitigation Reliability Attacks

Over last couple of days we've seen a big increase in an obscure amplification attack vector - using the memcached protocol, coming from UDP port 11211. In the past, we have talked a lot about amplification attacks happening on the internet....

Marek Majkowski

December 07, 2017 8:44PM

On the Leading Edge - Cloudflare named a leader in The Forrester Wave: DDoS Mitigation Solutions

Cloudflare has been recognized as a leader in the “Forrester WaveTM: DDoS Mitigation Solutions, Q4 2017.”...

By

Jen Taylor

DDoS , Awards , Reliability , Mitigation , Security

November 23, 2017 3:28AM

The New DDoS Landscape

News outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? The greater the volume of traffic a victim receives, the harder to mitigate an attack - right?...

By

Junade Ali

DDoS , Attacks , Security , Reliability , Mitigation

September 25, 2017 2:00PM

No Scrubs: The Architecture That Made Unmetered Mitigation Possible

When building a DDoS mitigation service it’s incredibly tempting to think that the solution is scrubbing centers or scrubbing servers. I, too, thought that was a good idea in the beginning, but experience has shown that there are serious pitfalls to this approach....

By

John Graham-Cumming

Product News , Reliability , DDoS , Birthday Week , Mitigation

September 25, 2017 2:00PM

Meet Gatebot - a bot that allows us to sleep

In the past, we’ve spoken about how Cloudflare is architected to sustain the largest DDoS attacks. During traffic surges we spread the traffic across a very large number of edge servers....

By

Marek Majkowski

DDoS , Mitigation , Reliability , Birthday Week , Security

September 25, 2017 2:00PM

Unmetered Mitigation: DDoS Protection Without Limits

This is the week of Cloudflare's seventh birthday. It's become a tradition for us to announce a series of products each day of this week and bring major new benefits to our customers. We're beginning with one I'm especially proud of: Unmetered Mitigation....

By

Matthew Prince

Product News , DDoS , Reliability , Birthday Week , Security

April 13, 2017 9:34PM

Cloudflare Rate Limiting - Insight, Control, and Mitigation against Layer 7 DDoS Attacks

Today, Cloudflare is extending its Rate Limiting service by allowing any of our customers to sign up. Our Enterprise customers have enjoyed the benefits of Cloudflare’s Rate Limiting offering for the past several months....

By

Timothy Fong

Rate Limiting , Reliability , Product News , DDoS , Attacks

December 02, 2016 1:21PM

The Daily DDoS: Ten Days of Massive Attacks

Back in March my colleague Marek wrote about a Winter of Whopping Weekend DDoS Attacks where we were seeing 400Gbps attacks occurring mostly at the weekends. We speculated that attackers were busy with something else during the week....

By

John Graham-Cumming

DDoS , Attacks , Protection , Reliability , Security

November 08, 2016 6:56PM

The Internet is Hostile: Building a More Resilient Network

The strength of the Internet is its ability to interconnect all sorts of networks — big data centers, e-commerce websites at small hosting companies, Internet Service Providers (ISP), and Content Delivery Networks (CDN) — just to name a few....

By

Jérôme Fleury

DDoS , Mitigation , Attacks , Bandwidth , Salt

October 26, 2016 1:59PM

How Cloudflare's Architecture Allows Us to Scale to Stop the Largest Attacks

The last few weeks have seen several high-profile outages in legacy DNS and DDoS-mitigation services due to large scale attacks. Cloudflare's customers have, understandably, asked how we are positioned to handle similar attacks....

By

Matthew Prince

DDoS , Attacks , Mitigation , Protection , DNS