About DDoS Protection

  Last updated 2024-10-22

The DDoS Protection menu contains links to dashboard metrics detailing DDoS attack traffic directed at your applications, APIs, and origin servers over time.

Before you begin

Be sure you know how to access the web interface controls.

Also, keep in mind that Fastly DDoS Protection is disabled by default, but can be enabled directly in the Fastly control panel to immediately establish a defensive posture against attack traffic. Once enabled, all account users will be able to view the metrics. Enabling Fastly DDoS Protection and either logging or blocking potential attack traffic will result in changes to your monthly bill.

About the DDoS Protection pages

When you click DDoS Protection in the side navigation, the Account tab's metrics appear by default. These metrics provide a high-level overview of all potential DDoS attack traffic currently directed at all your account's services.

Attack requests and mitigations metrics at the account level for a service with DDoS Protection enabled

Once you click the Services tab, a series of controls appear:

  • the Service menu allows you to specify the service that the metrics are drawn from.
  • the Region menu allows you to limit the displayed metrics on any dashboard to a specific region around the world.
  • the Time Range menu allows you to change the timeframe over which metrics will be displayed. By default, the system displays 1 days worth of static data. The selected timeframe and time zone persist as you navigate between service dashboards.
  • the Live button allows you to change displayed metrics to live data that changes in real time. Click Exit Live View to stop viewing the live data stream.

You can also learn more information about a chart by hovering over any part of a graph. This displays a timestamp indicator that updates as you move the cursor along with a service version indicator.

These controls are followed by a graph of metrics related to all potential DDoS attack traffic currently directed at the specific service you choose to review. The metrics displayed in the graph for the selected service include:

  • All Requests: the number of requests that were analyzed for DDoS attacks against your service
  • Allowed Requests: the number of requests that were analyzed for DDoS attacks against your service but with no DDoS activities detected
  • DDoS Attack Requests: the number of requests classified as DDoS attacks against your service
  • DDoS Attack Requests Mitigated: the number of requests classified as DDoS attacks against your service that were mitigated by Fastly DDoS Protection

Enabling and disabling Fastly DDoS Protection

After Fastly DDoS Protection has been purchased for your account, it can be enabled and disabled in the web interface by anyone assigned the role of superuser or engineer.

Enabling Fastly DDoS Protection

To enable Fastly DDoS Protection on a service, follow these steps:

  1. Log in to the Fastly web interface.
  2. From the Home page, select the appropriate service. You can use the search box to search by ID, name, or domain.

  3. Click Service configuration.

  4. In the Security area, click the DDoS Protection switch to On to immediately enable DDoS Protection for this service.

    The DDoS Protection settings enabled in logging mode for a service

  5. Using the Protection mode menu, decide what to do next for this service:

    • Leave the menu set to Logging to immediately begin logging potential attack traffic for observation without mitigation.
    • Select Blocking to immediately begin mitigating attacks that DDoS Protection detects.
    • Select Off to temporarily stop logging or mitigating attack traffic, but without disabling DDoS Protection.
NOTE

These instructions refer to protection mode in the context of Fastly DDoS Protection. To enable agent mode (protection mode) on Fastly's Next-Gen WAF, check out our guide about the agent mode instead.

Disabling Fastly DDoS Protection

To immediately disable Fastly DDoS Protection on a service, follow these steps:

  1. Log in to the Fastly web interface.
  2. From the Home page, select the appropriate service. You can use the search box to search by ID, name, or domain.
  3. Click Service configuration.
  4. In the Security area, click the DDoS Protection switch to Off to immediately disable DDoS Protection for this service.

Security products note

No security product, such as a WAF or DDoS mitigation product, including those security services offered by Fastly, will detect or prevent all possible attacks or threats. As a subscriber, you should maintain appropriate security controls on all web applications and origins. The use of Fastly's security products do not relieve you of this obligation. As a subscriber, you should test and validate the effectiveness of Fastly's security services to the extent possible prior to deploying these services in production, continuously monitor their performance, and adjust these services as appropriate to address changes in your web applications, origin services, and configurations of the other aspects of your Fastly services.
Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Fastly
© Fastly 2024