DDoS protection for Rackspace

Cloudflare and Magento logos

Cloudflare keeps your websites and web applications secure — even against the largest of DDoS attacks. Website attacks today have dramatically evolved to include both distributed (DDoS) and, more recently, distributed reflector (DRDoS) attacks that cannot be addressed by traditional on-premise solutions.

By leveraging Cloudflare’s vast network, our advanced DDoS protection (provisioned as a service at the network edge) detects and mitigates both network (OSI layers 3, 4) and application (layer 7) DDoS attacks, with zero downtime to your website. Contact us to learn more about how Cloudflare can protect your Rackspace hosted website.

Learn more about how Cloudflare can protect your Rackspace hosted website

Questions? Call us at:

US: 1 888 993 5273
UK: +44 (0)20 3514 6970
Singapore: +65 3158 3954
Int'l: +1 (650) 319 8930

More reasons to integrate Cloudflare with Rackspace

Improve the speed and performance of your Rackspace hosted website via Cloudflare's next-generation CDN. Serve files closer to your visitors while delivering dynamic content from your web server.

Learn more about CDN

Cloudflare’s WAF is built to protect your Rackspace hosted website from malicious attack, such as SQL injection, cross-site scripting, and comment spam. Learn how to customize the WAF and extend your protection further.

Learn more about WAF

Cloudflare’s DDoS protection shields your Rackspace hosted website or web application from:

  • OSI layers 3, 4, and 7 attacks.
  • DNS amplification attacks
  • SMURF attacks
  • ACK attacks
I believe Cloudflare is the best thing to happen to the web in recent memory.
CHRIS HOLLAND
Director of Technology at Luxury Link

FAQ

Does Cloudflare charge for bandwidth usage during a DDoS attack?

No. Cloudflare will never bill you for bandwidth usage. We believe if your site suddenly gets popular or suffers an attack, you shouldn't have to dread your bandwidth bill.

What are the largest DDoS attacks that Cloudflare has mitigated?

DDoS attacks are measured two ways: The number of malicious packets per second (pps) and the attack bandwidth bits per second (bps). In early March of 2016, Cloudflare mitigated against attacks that exceeded 400Gbps and 180Mpps; you can read about these attacks in our blog posting " 400Gbps: Winter of Whopping Weekend DDoS Attacks."

What are layer 3 and 4 DDoS attacks?

Layers 3 and 4 of the OSI model are considered the transport and network layers of the communication system. DDoS attacks directed at layers 3 and 4 flood the network interface with traffic, overwhelming its resources and denying it the ability to respond to legitimate website visitors. With Cloudflare enabled, attack traffic that would otherwise directly affect your server infrastructure is intelligently routed to Cloudflare’s global Anycast network of datacenters. Once this traffic has been rerouted, your website leverages Cloudflare’s network capacity and server infrastructure to absorb the attack traffic at our network’s edge. Your website, with the protection of Cloudflare, is safe from all layer 3 and 4 attack traffic.

What are layer 7 DDoS attacks?

Layer 7 DDoS attacks, also called application-layer attacks, focus on specific characteristics of web applications that create bottlenecks. With application-layer attacks, the amplification is CPU, memory or resource-based, not network (layer 3 or 4) based. Cloudflare provides protection against layer 7 attacks and, on average, reduces HTTP attack traffic by 90%. The 10% of HTTP traffic that does make it through traditional protections still has the potential to be overwhelming; in this scenario, Cloudflare offers a security setting called “I’m Under Attack” mode (IUAM). In IUAM, an interstitial page is presented to your site’s visitors for 5 seconds while automated checks are completed to ensure the traffic is legitimate.

How is Cloudflare’s DDoS solution different than an on-premise hardware-based DDoS solution?

Layer 3 and 4 DDoS attacks are nearly impossible to mitigate using on-premise hardware solutions; if an attack’s throughput is more than a network link can handle, there are no additional resources that can be applied to reroute attack traffic and provide a safe passage for legitimate traffic. For example, if a router with a 5Gbps port is overwhelmed by 6Gbps of attack traffic, the port will become flooded with requests and unusable. Alternatively, Cloudflare’s Anycast global network intelligently recognizes and distributes layer 3 and 4 attack traffic across the network, allowing legitimate traffic to access your Cloudflare protected website.