Denial-of-service attacks (DoS) are the easiest to detect. The purpose of this type of attack is to stop the service. Unfortunately, one device is enough for the attacker to make access to the website completely inaccessible (e.g. - Slowloris attack).
Cloud Coden constantly monitors the number of connections on your server. If too many simultaneous connections are detected, Host’s life will automatically add the IP address to the 60-second blacklist to make sure all communications are blocked from the attacker’s IP.
After that, the IP address will be placed in the grey list, so that authorized users can delete the IP address if it is a real login. Cloud Coden DoS Detection also works alongside our AntiFlood module. When there are repeated attempts to discontinue the service, the IP address will be blacklisted for a longer period of time.
The virtual process (80 active connections at the same time) ensures a low false positive rate and effectively prevents DoS attacks that can be configured on each port, as well as incoming and outgoing communications.
Cloud Code CAPTCHA page is also protected against DoS attacks and requires minimal resources to run the CAPTCHA service.
The virtual service and grey menu provide the perfect balance between the low false positive rate and maximum protection.
In addition to blocking HTTPS attacks, Cloud Codin blocks FTP, POP3, IMAP and any other DoS attack based on TCP protocol.
Cloud Coden DoS detection module not only prevents internal attack attempts, but also outgoing DoS attempts.
By default, IP addresses above 80 active connections are blocked at the same time. This limit can be configured for each port.
When the 80 IP address exceeds an active connection at the same time, the attacker’s IP address will automatically be blacklisted. After 60 seconds, the IP address will be placed in the grey list, so that authorized users can delete it. You can configure blocking for each port and for incoming and outgoing connections as well.
Network layered DDoS (SYN flood, ICMP flow, UDP flow) are designed to overcome network devices and this server-side attack cannot be blocked. However, Cloud Codin provides indirect protection against DDoS. By constantly updating our global list of harmful IP addresses, most Android networks have already been blocked by Cloud Coden. The same IP addresses of Android networks are usually used to launch DDoS attacks, so our system will automatically block their requests.
DoS attacks on several protocols: HTTP, FTP, POP3, IMAP and any other DoS based on TCP protocol. By default, the following ports are monitored: 80 (HTTP), 25 (SMTP), 53 (DNS) and 22 (SSH). You can also customize ports in unit configuration.
The attacker’s IP address is blacklisted immediately for 60 seconds to make sure all active communications are blocked. (This time frame can be configured as needed.) After 60 seconds, the IP address is added to our grey list so that valid visitors are not blocked; They can delete the IP address using Cloud Code Browser Integrity Check or CAPTCHA