Layer-7 Anti-DDoS Filter with LiteSpeed Web ADC https://www.litespeedtech.com/images/logos/litespeed/litespeed-logo.png 2020-01-24 15:17:45 LiteSpeed Web ADC uses sophisticated, statistics based sensing for detecting DDoS attacks. When an attack is in progress, protection mode is dynamically activated automatically, protecting LiteSpeed Web ADC and backend server assets.

Layer-7 Anti-DDoS Protection

LiteSpeed Web ADC is vigilant so you don't have to be

Web ADC Anti-DDoS Filtering

LiteSpeed Web ADC DDoS Filtering

LiteSpeed Web ADC uses sophisticated, statistics based sensing for detecting DDoS attacks. When an attack is in progress, protection mode is dynamically activated automatically, protecting LiteSpeed Web ADC and backend server assets.

Using advanced human/browser detection methods, LiteSpeed Web ADC instantly filters out botnet traffic. In protection mode, requests are not forwarded to backend servers until the IP passes verification. RBL Blacklist queries are used to block known botnet IPs via WAF rules, blocking them instantly at the Firewall.


Web ADC Anti-DDoS

How LiteSpeed Web ADC Thwarts DDoS Attacks

  • Connection-based reCAPTCHA: If there are too many connections to the server at once, reCAPTCHA is activated, and connections are validated to only allow humans. Requests are not forwarded to backend servers until the IP passes verification.
  • Signature-based reCAPTCHA: If a single IP is visiting a single page too many times, it is suspicious. The IP is redirected to reCAPTCHA for verification.
  • WP-Brute-Force-based reCAPTCHA: If a single IP is visiting the WordPress login page too many times, it is redirected to reCAPTCHA. Or, regardless of IP, if the WordPress login page is getting hit too many times overall, reCAPTCHA is activated.
  • Known Bad User verification: Admins can add their favorite blocklist to the ADC and the ADC will verify the IP against the blocklist. If the IP is a match the ADC will automatically block it.

Layer 7 Attack

What is a Layer 7 DDoS attack?

Layer 7 is the top layer in the Open Systems Interconnection (OSI) model, where HTTP requests occur. It's also known as the Application Layer. Attacks in this layer are particularly effective because they consume server resources as well as network resources. Layer 7 DDoS attacks are common because it takes relatively few resources to launch such an attack, while causing considerable resources to be spent at the target server.

One of the challenges in mitigating application-layer attacks is in distinguishing legitimate traffic from malicious traffic. The most effective methods include CAPTCHA and WAF. Through CAPTCHA, visitors must prove they are human by responding to a challenge. Any IP that fails the challenge is blocked access to the server. Additionally, a Web Application Firewall (WAF) can be used to filter traffic by IP reputation.


Network Protection

Protect Your Network

Get LiteSpeed Web ADC, and get effective protection from Layer 7 DDoS attack, plus load balancing, cross datacenter replication, improved speed and reliability, and more!