DDOS protection for non HTTP/HTTPS endpoints



I’ve been using the product to protect my HTTPS API endpoints.

However, my servers also have endpoints that are listening on FTP, sFTP SMTP and other protocols.
Can I use your service to protect those endpoints?
Particularly, can I use it to protect from DDOS?


What happens if the request is non-http?

Not today. At the moment Cloudflare only provides support for http/s and web socket traffic.

Question around SMTP specifically (because we’ve talked about protecting other ports in the past), would protection from DDoS be what you want for your SMTP server or would you also expect some type of spam filtering service to be included in that protection?


Primarily DDoS.

Some of our clients send us data using emails. We automatically read those emails, process them and archive them. We know how to process and archive based on the origin that the email was sent from - so we can easily filter out unknown origins.

Spam filtering seems like a nice to have. But there is plenty of cheap providers for spam filtering - and the reason we are choosing cloudflare is for security reasons and your advanced DDoS rules.


Ok thanks for the feedback, I will pass it along to the product team.


@cscharff There are also plenty of bad spam filters, even some of those are popular. Business can never afford to have one legitimate email flagged.


Spectrum is now available for our enterprise customers. We’re investigating ways to make it more broadly available for other plans as well.

What happens if the request is non-http?