This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How can we protect our APIs against a DDoS attack?

Posted on 02-17-2021 01:51 AM
pallavisharma
New Member
Reply posted on --/--/---- --:-- AM

Due to vulnerability of internet facing and basic auth based API we need to ensure adequate protection is provided by apigee edge to stop infrastructure and financial impact of a DDOS attack.

How to restrict IP within a period of time?

@anilsagar

0 2 516
Topic Labels
0 Likes
Reply
2 REPLIES 2

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

You can restrict with firewall, mutual TLS and Apigee access control policy.

Reply

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

Protecting against DDos is the job of a WAF.

A good way to solve this is with Cloud Armor, using Apigee X.

With Cloud Armor, you can configure rate limits at the network edge. Requests will be permitted only if they fall under the rate limit.

Apigee X runs in the Google cloud and inherently is protected against DDoS by the Google network Edge, even if you do not use Cloud Armor. Cloud Armor gives you additional flexibility in that you can configure your own custom rules to be enforced at that edge.

One final note: a DDoS attack by definition does not original from a single IP address. You asked "How to restrict IP within a period of time". That's not how DDoS protection works.

Reply