# Filter *** ### Filter Layer After passing through the edge, traffic is forwarded to the filtering layer, which consists of **three sequential challenge stages** designed to effectively mitigate malicious traffic. #### Dynamic Challenge Management The challenge stages (**Cookie Challenge**, **PoW JS Challenge**, and **Custom Captcha**) are dynamically activated based on how many requests bypass the current filter level without being blocked. This allows for adaptive filtering depending on the current threat level and bot sophistication. * The **threshold of allowed bypassed requests** before progressing to the next challenge stage is configurable via a **public API**. * This ensures flexibility and allows tuning the filter aggressiveness depending on real-time attack patterns or sensitivity of protected content. #### Challenge Stages: 1. **Cookie Challenge**\ The cookie challenge is entirely invisible to users and supported by all modern web browsers as well as most HTTP libraries. It is a lightweight and effective method for defending against basic DDoS attacks without impacting the user experience. 2. **PoW JS Challenge**\ The Proof-of-Work (PoW) JavaScript challenge is designed to block more advanced bots. It is slightly more intrusive, but still user-friendly. The difficulty of the challenge can be customized via api and provides a balance between protection and usability. * **Difficulty 6**: \~21.400 seconds * **Difficulty 5**: \~3.100 seconds * **Difficulty 4**: \~0.247 seconds 3. **Custom Captcha**\ The custom captcha should be considered a last resort, or used to protect especially vulnerable or high-risk webpages. While highly effective, it has a more noticeable impact on user experience. #### Information: If a client fails too many challenges across the stages, their IP address will be dropped **at the edge level**, preventing further load on both the edge and the filter components. ### Clean Proxy Once the filtering process is successfully completed, clean traffic is forwarded to the **clean proxy**, where it continues to the intended backend services. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.packets-decreaser.net/ddos-protection/layer-7/how-we-mitigate-ddos-attacks/filter.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.