Protection against ddos attack for web server API

Hello. How can I protect my web server API? I critically can’t enable the captcha screen, because many clients connect to my api separately. My API uses a desktop application. Traffic needs to be filtered differently.

For example, if I am attacked by requests with non-existent API endpoints, when there are millions of such requests per second - the webserver will not survive no matter how fast it processes each request.

What methods of protection will work for me and how to do it correctly?

I tried to use the Security - DDoS, Ruleset action block with Ruleset sensitivity High setting. Of course Security Level - High.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.