Skip to main content
Packets Decreaser Layer 7 protection analyzes HTTP/HTTPS traffic in real time and applies progressive challenge stages to filter out malicious requests while keeping legitimate users flowing through. Understanding how the system behaves during an attack helps you set accurate expectations and interpret what you see in your dashboard.

Mitigation timing

Under normal conditions, the filtering and mitigation process completes in under 5 seconds. Most attacks are neutralized before legitimate users notice any degradation.
The 5-second window applies to typical attack volumes. Extremely large-scale attacks may take longer as the system builds a pattern profile.

Large-scale attacks

During exceptionally large DDoS attacks — those reaching several hundred thousand requests per second — the edge may temporarily become overloaded before mitigation fully engages.
When attack volume is high enough to saturate the edge, the affected domain may experience brief downtime while the system analyzes traffic patterns. Once the system identifies enough malicious signatures, it begins blocking those IPs at Layer 4, which significantly reduces the load on Layer 7 filtering.
Short bursts at extreme volume may not be fully mitigated during their runtime. The edge can temporarily stop responding — this does not mean mitigation failed. It means the system is still analyzing the attack. Once sufficient patterns are identified, even those burst attacks are blocked going forward.

Adaptive learning

The mitigation engine improves over time as it observes more attack traffic.

Attack duration

The longer an attack persists, the more effective mitigation becomes. The system continuously refines its blocking rules as patterns accumulate.

Attack frequency

Repeated attacks against the same domain help the system learn attacker behavior faster, resulting in quicker response times in future incidents.
If you are running penetration tests or load tests, inform support in advance. Frequent simulated attacks will improve the system’s baseline for your domain.

CDN compatibility

Cloudflare and other CDN services placed in front of the Packets Decreaser proxy are not supported and may interfere with Layer 7 filtering. Do not open support tickets for issues caused by CDN configurations — remove any upstream CDN before troubleshooting.
Place Packets Decreaser as the outermost layer of your traffic pipeline. Your backend server sits behind the proxy; nothing should sit in front of it.