URI-Based DDoS Protection for AppTrana
April 19, 2022
At Indusface, we constantly innovate to strengthen the security posture for our customers. Our unique and state-of-the-art Behavioral DDoS solution – AppTrana has got an upgrade/ ally.
Introducing the All-New URI-Based DDoS Protection
With the Behavioral DDoS Protection feature, our customers can tackle all the curve balls that attackers throw at them. Now, with the new and advanced weapon – the URI-based DDoS Protection feature added to their arsenal, their security posture is impenetrable!
Basically, with this new feature, AppTrana customers can now protect their applications from DDoS attacks at a granular level. Before we deep dive into this new product update, let’s understand the following in detail –
What is an URI?
URI, short for Uniform Resource Identifier, is a unique sequence of characters that identifies a web resource by location, name, or both.
What is Behavioral DDoS Protection?
Check out our detailed blog on the same.
What is URI DDoS Protection?
In line with the Behavioral DDoS feature, we have now released the URI-based DDoS Protection feature to provide granular security for our AppTrana customers.
The Behavioral DDoS protection that we currently have is a system-defined policy which is at the following levels – Application, IP, and Session.
Managed DDoS Attack Protection for Application
At an application level, customers can create a formula-based policy. For example, if the requests to the host exceed by 200% comparing the last 7 days (max), then, an alert/ notification is sent to the customer. (This policy isn’t an actionable alert. It pervades across the application from different identities, thus, blocking a particular identity with malicious requests wasn’t possible).
Similarly, we have the IP and Session-based rate limiting policies. Here, in any application protected by AppTrana, we inject a session and based on the session cookie, we track the IP. Now, for example, if the request isn’t honoring this session cookie, then, it will fall under IP-level rate limiting policy. For which, we provided the formula-based policy that can be configured for various actions including blocking the identity when triggered.
Now, we have introduced the URI-level DDoS Policy – The Next Level to Behavioral DDoS Protection.
This policy provides an advanced level of protection for our customers. They can now go beyond the formula-based protection, i.e., provide the specific URIs that they want to keep a check on.
For example, if the login page of an application is receiving abnormal no. of requests from on identity based on the custom policy defined, then, that identity can be blocked (if added in the URI-level policy as shown below) immediately. This URI-protection level would be very helpful to protect transactional pages since that is where the moolah is!
Steps to Create a URI-Based DDoS Policy
Note: For effective security, we recommend our customers to apply the IP and Session-based policies for any URI they want to protect.
Step 1: Choose a Protection Setting
• Choose the Policy Type: IP URL Limiting Policy
• Enter URL: /free-trial.php
• Click on the Confirm button
Step 2: Create Policy
• Enter Policy Name: Free Trial
• Enter the necessary Formula.
• Add email id in the field: And also inform
• Click on the Create button
Now, the policy will be created in the disabled mode. In the back end, we will be creating the policy and then, you will immediately be notified of its creation to the above entered email id.
Then, in the portal (User Defined Protection Policies), you would be able to activate the URI-based policy. Once activated, it will showcase the necessary historical trends. Next, you can edit/change the formula-based rule based on historic trend and enable them.
The Perfect Business Use-Case
For critical and transactional pages such as: Login, Checkout, Sign-up, Pricing, etc, the URI-based policy is the best tool to safeguard your business.
Contact our experts to know more about this feature in detail.
Stay tuned for more relevant and interesting security articles. Follow Indusface on Facebook, Twitter, and LinkedIn.
