Additional Protective Measures

Good website protection requires a layered approach. We described the main settings in the "DDoS Protection Setup" article. Implement additional protective measures to minimize the website vulnerability.

Change your IP

An attacker can get your real IP using DNS History and attack it directly. Get a new IP and put it in the Original IP field in the Control panel. Don't mention/publish the IP anywhere else.

Сheck your DNS records

If you have subdomains or other records that point to the real IP, change them to another IP.

Check your HTML code

Ensure that your HTML code doesn't have references to your real IP.

Set IP access policy

Limit access to your server for all but our subnets and some trusted IPs. We mention ways to set the limits in the "Origin Access Restrictions" article.

Configure your mail service

Configure a separate email server. If you are running your mail server on the same server as your website, an attacker can find your origin server IP.

Restore users' IP addresses

Configure the X-Forwarded-For HTTP header to restore real visitors' IP addresses. Otherwise, you will see requests only from our subnets.

Reduce server load

Move the static assets (images, video, css, javascript) to a subdomain and use CDN to deliver them. It reduces server load and bandwidth. 

IPv6

By default, we protect only IPv4 addresses, so if your website is also available via IPv6 we recommend removing the A record for IPv6 address from your DNS settings or adding protection for it. The IPv6 protection can be added by request. For details, reach us via chat or email to support@gcorelabs.com.

Was this article helpful?
Recently viewed articles