A denial of service (DoS) attack is an attack intended to make a resource unavailable to users. Historically intended to bring down services, resources, and websites, DoS attacks could become an increasingly pervasive part of our lives as technology advances.
DoS attacks today primarily target websites. The Alert Logic® Web Application Firewall (WAF), formerly known as Web Security Manager Premier, has several features that help protect against DoS attacks. These features include:
- The Alert Logic WAF is fully managed, providing 24/7* support and guidance from our Security Operations Center (SOC).
- When not behind a load balancer, network level protection limits request rates and concurrency by outright blocking IPs that exceed certain limits.
- At the application level, the Alert Logic WAF can slow requests and protect against brute force attempts and other rate-based attacks through HTTP request throttling and connection limiting. These techniques also help ensure that resources are optimized in peak situations.
- The Alert Logic WAF allows you to blacklist countries that do not send valid traffic to your application. This eliminates any possible DoS attacks from those countries.
- For DoS attacks that exhaust server resources by making requests extremely slow (thereby hogging server resources that are waiting for client input), the Alert Logic WAF combats these attacks by:
- Enforcing timeout limits for both client request header and client request body. If the request header or the request body is not received with a set timeout, the connection is closed. Attacks like Slowloris and Slow HTTP POST that are notorious about sending requests slowly can be dealt with via this type of timeout configuration.
- Buffering all client requests before sending them to the back-end server. For example, Web Security Manager Premier can ensure that slow GETs or POSTs are received in their entirety before handing off to the back-end server.
- Finally, as a high-performance HTTP server, the Alert Logic WAF can handle extremely large numbers of concurrent requests, even slow ones. A single request consumes a very small amount of resources since it does not need to spawn new processes or threads for each request.
* Subject to SLA