Preventing DDoS attacks

To prevent and mitigate DDoS attacks, Magnolia PaaS grants all customers (using Fastly as their CDN):

  • Access to origin shielding

  • Automatic resistance to availability attacks

  • Access to Fastly cache IP space

  • Custom DDoS filter creation abilities

Block IP address with ingress

diagram
  1. If you are using Fastly as your CDN in your Magnolia PaaS project, submit a request ticket with the specific IP that you wish to block and we’ll get right on it.

  2. If you are not using Fastly as your CDN, you’ll need to manually block the dangerous IP in the ingress section of your values.yml file.

Instructions

  1. Go to https://ipinfo.io/www.xxx.yyy.zzz (where www.xxx.yyy.zzz is the suspicious IP).

    ipinfo report abuse

  2. Update your values.yml file with the following snippet:

    kind: Ingress (1)
    metadata:
      annotations:
        nginx.ingress.kubernetes.io/server-snippet: deny www.xxx.yyy.zzz; (2)
    1 Specifies the kind Ingress.
    2 Denies the specific IP address.
    For more information on server-snippet, see NGINX Ingress Controller reference.
Feedback