API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Web security
Web security
BillingCreate protected resourceUse Web Security and CDNConfigure protection settingsAdd an SSL certificateRate LimiterSet the Access PolicyDeny accessSet the X-Forward-For headerCheck reports
View eventsCreate rulesRule typesManage triggersSettings
How do I change an A record?What criteria do you analyze?I see lots of requests from several IPs. Could this be an attack?I changed my A record long time ago, but you are not filtering it. What to do?Attackers have found out my origin IP and are attacking it directly. What should I do? directly. What should I do?Who is attacking us?Will a blacklisted user get unblocked after a particular time?During a DDoS attack, we changed your IP address, but we still have problems with the performance. Why?Do you protect against attacks targeted at DNS?Can you disable the protection for some time for the entire site or certain parts of the site?How long does the service enabling take?Which web crawlers doesn't your service block?Force an IP banGet all banned IP addresses for all resourcesRenew SSL certificates
API
Chosen image
Home/Web security/Create protected resource

Create and configure a protected resource

To protect your website, change your IP address to ours (you can get it once you set up a resource in the Control Panel).

Control panel settings

Go to the Web Protection tab and click on the Create DDoS resource button.

Create DDoS resource

Type your website URL without http(s):// in the "Your Domain" field.

If you have a third-level domain which you want to protect add it in the Aliases field. Click on plus right from the field to add more than one domain.

Check the Redirect from WWW to the primary domain box if you don't use www third-level domain. 

If you want requests from the DDoS protection servers to your origin sent via http check the Redirect from https to http box.

Add your IP address to the Original IP address field. We will send legitimate traffic there. Click on Identify Automatically to automatically fill in the IP.

Click on Save changes. Activation will take a couple of minutes.

To add an SSL certificate to your domain or subdomains go to the resource Settings -> SSL -> Edit

Settings tab

There are three options:

  • None (no SSL certificate is added, the requests are sent via HTTP)
  • Let's Encrypt (we order and automatically renew a free SSL certificate from Let's Encrypt. Works only if you have already pointed your domain name to the protected IP address in your DNS settings)
  • Custom (add your SSL certificate by uploading the certificate in PEM format and your private key).

More information on SSL certificates can be found in the Add an SSL certificate to your resource article.

Origin Settings

On the Web Protection tab find the protected IP for your resource. Change the A-record in your DNS settings: replace your current IP with the protected one. A DNS record renewal depends on a Time To Live (TTL) value: it determines how long the record is cached by the servers.

Additional Protective Measures

To protect your website you need to hide your real IP address. Once you finish the basic setup DNS servers will start providing our IP to the requests but that is not the only way to get the website's real IP. Follow our recommendation for additional protective measures to ensure your website security.

The recommendations are also available in the Control Panel: go to the Web Protection tab -> click on the arrow near Settings button -> Setup guide.

Was this article helpful?

Not a Gcore user yet?

Discover the all-in-one Web security solution by Gcore

Go to the product page
Edit on GitHub