I’m the DDoS Protection product manager at Cloudflare, and I’d love to learn more about what features you’d like to see. Specifically what DDoS protection customizations you’d like to have, what customization options and settings.
Let us know here: http://cfl.re/ddossurvey
Question, Increasing the threshold of when the mitigation kicks in. Does this refer to a trigger that sets UAM when a threshold is met?
UAM is triggered based on the threat score. The DDoS protection systems kick in once packets/requests meet the thresholds per fingerprint.
We have received two alerts in total, they looked like this:
DDoS Attack Alert (redacted)
A HTTP DDoS attack has been automatically detected and mitigated
Time detected redacted
Type HTTP Flood
Request rate 54.60k rps
It is “mysterious” in the sense that it suddenly mitigated an attack without us doing much, if this is what the threshold refers to, that would be nice as the current automatic HTTP mitigation is a bit obscure, we didn’t even know that it existed until it kicked in.