Utilize StackPath's L3-L4 DDoS protection feature to provide supplemental security for your workloads. For an additional monthly cost, this feature detects and mitigates attacks made to your workload on the 3rd and 4th layers of the OSI model.
Please see L3-L4 DDoS Protection PoPs for a list of locations that currently support L3-L4 DDoS protection. This list will be updated as more PoPs are configured to support this feature.
Billing for L3-L4 DDoS Protection is usage-based (pay-as-you-use) as determined by instance hours. Instance hours are defined by the number of hours where L3-L4 DDoS Protection is enabled on running workloads.
There can be any combination of instance hours. For example, 1 instance consumed for 1 hour or 2 instances consumed for 30 minutes each are both equal to 1 instance hour.
StackPath bills in 1-second increments with a 5-second minimum per instance.
The cost of each instance hour will vary based on the DDoS package as shown in the table below:
|Protected Instance Hours||-||7200/month||72,000/month|
$0.06 each additional hour
$0.05 each additional hour
For this scenario, we are using L3-L4 DDoS Protection under a Professional DDoS package, where we are allotted 7200 instance hours a month.
Here are few different cases where 7200 instance hours is consumed:
10 instances running constantly for the entire month (each month == 720 hours)
20 instances running 12 hours a day
40 instances running 6 hours a day
To learn more about our L3-L4 DDoS Package offerings, please see here.
Enabling/Disabling L3-L4 DDoS Protection
L3-L4 DDoS protection is enabled default upon initial creation of a workload, however, you may disable it by doing either of the following:
- Toggle the L3-L4 DDoS Protection switch in step 3 of the workload creation process.
- Or click the 3 dots under the Action column in the Workloads table, then click Deactivate DDoS Protection.
- You can also enable DDoS Protection for a running workload here as well.
Check the status of your workload's L3-L4 DDoS protection by looking at the DDoS column in the Workloads table.
Once DDoS protection has been activated on a workload, any instance created from that workload will get that protection.
Customers who do choose to disable L3-L4 DDoS protection are subject to have their traffic rate-limited in the event of an attack in an effort to maintain the best performance for all of our customers.
Viewing Attack Details
To view attack details, click on the L3-L4 DDoS Protection tab on the left-side navigation menu.
You can adjust the unit that is used to display all of the data (mbps or gbps) as well as filter by any of your workloads' IP addresses.
By default, this page displays the latest requests from the previous 24 hours; however, you can select the calendar icon in the top right corner to change the displayed time frame.
This section provides you with detailed information for all DDoS attack attempts made to your workload. This includes the total number of past, current and completed attacks, attack duration, maximum file size and total volume of bandwidth consumed.
Top 5 Attacked IP Addresses
This section lists your top 5 most attacked IP addresses sorted from most to least.
View the number of allowed and blocked requests using the Estimated Traffic chart.