Cloudflare has announced the availability of DDoS attack alerts for all Cloudflare’s customers on paid plans.
A distributed denial of service (DDoS) attack is when an attacker floods a web server or an Internet connection with more requests than it can handle. This flooding of requests causes the service to become unavailable, and the company or person experiences an outage.
The current delivery methods by Cloudflare plan type are listed in the table below.
Delivery methods by plan
Delivery method | Plan | |||
---|---|---|---|---|
Free | Pro | Business | Enterprise | |
❌ | ✅ | ✅ | ✅ | |
PagerDuty | ❌ | ❌ | ✅ | ✅ |
There are two types of DDoS alerts: HTTP DDoS alerts and L3/4 DDoS alerts. Whether you are eligible to one or both depends on the Cloudflare services that you are subscribed to. The table below lists the alert types by the Cloudflare service.
Alert types by service
Alert type | Service | |||
---|---|---|---|---|
WAF/CDN | Spectrum | Spectrum BYOIP | Magic Transit | |
HTTP DDoS alerts | ✅ | ❌ | ❌ | ❌ |
L3/4 DDoS alerts | Coming soon | Coming soon | ✅ | ✅ |
Creating a DDoS alert policy
In order to receive alerts on DDoS attacks that target your Cloudflare-protected Internet property, you must first create a notification policy. That’s fast and easy:
- Log in to your Cloudflare account dashboard: https://dash.cloudflare.com
- In the Account Home page, navigate to the Notifications tab
- In the Notifications card, click Create
- Give your notification a name, add an optional description, and the email addresses of the recipients.
If you are on the Business plan or higher, you’ll need to connect to PagerDuty before creating the alert policy. Once you’ve done so, you’ll have the option to send the alert to your PagerDuty service.
The alert includes the following information:
- A short description of what happened
- The date and time the attack was initially detected and mitigated by our systems
- The attack type
- The max rate of the attack when the alert was triggered
- The attack target
The attack may be ongoing when you receive the alert and so we also include a link to view the attack in the Cloudflare dashboard and also a link to provide feedback on the protection and visibility.
Bijay Pokharel
Related posts
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.