Filter
Filter Layer
After passing through the edge, traffic is forwarded to the filtering layer, which consists of three sequential challenge stages designed to effectively mitigate malicious traffic.
Dynamic Challenge Management
The challenge stages (Cookie Challenge, PoW JS Challenge, and Custom Captcha) are dynamically activated based on how many requests bypass the current filter level without being blocked. This allows for adaptive filtering depending on the current threat level and bot sophistication.
The threshold of allowed bypassed requests before progressing to the next challenge stage is configurable via a public API.
This provides flexibility and allows the filter's aggressiveness to be tuned to real-time attack patterns or to the sensitivity of the protected content.
Challenge Stages:
Cookie Challenge: The cookie challenge is entirely invisible to users and is supported by all modern web browsers as well as most HTTP libraries. It is a lightweight and effective method for defending against basic DDoS attacks without impacting the user experience.
PoW JS Challenge: The Proof-of-Work (PoW) JavaScript challenge is designed to block more advanced bots. It is slightly more intrusive, but still user-friendly. The difficulty of the challenge can be customized via the API, providing a balance between protection and usability.
Difficulty 6: ~21.400 seconds
Difficulty 5: ~3.100 seconds
Difficulty 4: ~0.247 seconds
Custom Captcha: The custom captcha should be considered a last resort, or used to protect especially vulnerable or high-risk webpages. While highly effective, it has a more noticeable impact on user experience.
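The cost asymmetry behind the PoW JS Challenge stage, as an added example that is not this service's own code: the client brute-forces a nonce while the filter verifies with one HMAC and one hash. The scheme (SHA-256 with leading zero hex digits), the challenge format and all function names are assumptions; the page does not state which construction the service uses.

```javascript
// Added example (Node.js). Assumed scheme: SHA-256 hash-prefix proof-of-work
// with a stateless, HMAC-signed challenge. Not the service's implementation.
const { createHash, createHmac, randomBytes, timingSafeEqual } = require("node:crypto");

const SERVER_KEY = randomBytes(32); // assumption: secret held only by the filter

const sign = (s) => createHmac("sha256", SERVER_KEY).update(s).digest("hex");

// Filter side: issue a challenge bound to client IP, difficulty and expiry.
function issueChallenge(clientIp, difficulty, now = Date.now(), ttlMs = 60_000) {
  const body = [randomBytes(8).toString("hex"), clientIp, difficulty, now + ttlMs].join("|");
  return `${body}|${sign(body)}`;
}

// Client side (a browser would run the equivalent): search for a nonce so that
// SHA-256(challenge:nonce) starts with `difficulty` zero hex digits.
// Each extra digit multiplies the expected number of hashes by 16.
function solve(challenge, difficulty) {
  const prefix = "0".repeat(difficulty);
  for (let nonce = 0; ; nonce++) {
    const h = createHash("sha256").update(`${challenge}:${nonce}`).digest("hex");
    if (h.startsWith(prefix)) return nonce;
  }
}

// Filter side: constant cost regardless of how long the client worked.
// Returns a reason string so failed challenges can be counted per client.
function verify(challenge, nonce, clientIp, now = Date.now()) {
  const parts = challenge.split("|");
  if (parts.length !== 5) return "malformed";
  const [, ip, difficulty, expires, mac] = parts;
  const expected = Buffer.from(sign(parts.slice(0, 4).join("|")));
  const given = Buffer.from(mac);
  // Signature first: difficulty and expiry are only trusted once authenticated.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return "bad-signature";
  if (ip !== clientIp) return "wrong-client";
  if (now > Number(expires)) return "expired";
  if (!Number.isSafeInteger(nonce) || nonce < 0) return "malformed";
  const h = createHash("sha256").update(`${challenge}:${nonce}`).digest("hex");
  return h.startsWith("0".repeat(Number(difficulty))) ? "ok" : "insufficient-work";
}
```

Because verification here is stateless, a solved challenge stays valid for the same client until it expires; limiting reuse would need a short-lived record of accepted challenge IDs.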
Information:
If a client fails too many challenges across the stages, their IP address will be dropped at the edge level, preventing further load on both the edge and the filter components.
Clean Proxy
Once the filtering process is successfully completed, clean traffic is forwarded to the clean proxy, where it continues to the intended backend services.