network background popup

What is a DDoS Attack?

A DDoS attack is when illegitimate Internet traffic is sent to a network or website in an effort to flood a Network’s Infrastructure and/or exhaust a server’s resources. The result is that legitimate websites visitors requests cannot be fulfilled by the overwhelmed network or webserver.

DDoS attacks fall into 1 of 2 categories

  • Volumetric attacks

    In general, these types of attacks also referred to as “Floods” is when the attacker tries to flood the Internet bandwidth capacity of a website’s Internet connectivity or hosting provider. They usually take the form of a UDP flood or TCP SYN attack.

  • Sophisticated attacks

    These types of attacks are the most difficult to stop and can be tricky to stop as they employ techniques that are not easily detected by many firewalls. There are many attacks in this category. Many use HTTP and HTTPS and can focus on a very CPU intensive part of the website and usually do not require large amounts of bandwidth. Some of the most common attacks in the category are Slowloris, JSloic, and headless browsers such as Phanton JS. The end result is the same, the website is down or slowed to a crawl.

DDoS Protection

  • Our global network capacity is at 3Tbps and ever increasing
  • Most Secure WAF available, based on a positive security model
  • Complete comprehensive cloud based website security service
  • Fully managed service
  • Includes global performance monitoring, CDN and load-balancing
  • All of our infrastructure is owned and operated by us
  • Stop any and all attacks, Period !
  • PCI level 1 certified
  • 12 years of experience in DDoS protection
  • 99.99% Uptime guarantee
  • Unparalleled 24/7 support
  • Globally distributed nodes

DOSarrest's DDoS protection service has evolved over the last 12+ years to handle the largest and especially the most sophisticated attacks, we have a fair bit of experience after all.

DOSarrest's DDoS protection service is a fully managed security service. What does that mean to you ? It means you don't have to ever login if you don't want to. Our SOC will take care of any configuration changes you want, tell us what you want to accomplish and we'll do the rest, usually within 10 minutes. Should you like to control things yourself, by all means login and take charge, our customer portal is second to none, very responsive and very intuitive, allowing your changes to be active in seconds.

Our DDoS protection service is comprehensive in every sense, when it comes to protecting websites. We stop any and all DDoS attacks. The truth is that 95% of all attacks on websites are actually pretty small but are very sophisticated layer7 attacks, that will take your website down just as fast as a mega volumetric attack but they're harder to detect and stop. We take care of these as well. How do we do it ? We don't utilize any off the shelf DDoS mitigation hardware or application firewall hardware and never have. We have developed our own software that enables us to create multi-tiered complex rules to combat any attack, this means attacks that have never even been seen before, we can stop on the spot.

The service operates by allowing customers to redirect by DNS their URL's/ Domains to a DOSarrest VIP(Virtual IP), once this is done all traffic will flow to one of our globally distributed scrubbing centers where it will be scrubbed of any malicious traffic and then we will forward the clean traffic to the customers' origin server wherever it may be. The customer's origin server IP is kept completely hidden from all Internet visitors and therefore cannot be attacked directly.

Cloud Based Layered Protection

We employ a layered approach to DDoS mitigation comprised of 3 major layers plus A Web Application Firewall(WAF) layer on all of our globally distributed nodes. All customers websites use all nodes simultaneously, this allows us to chop up any mega attacks into smaller bites and gives customers a performance boost at the same time, by caching some or all of their content around the globe.

The layers are best illustrated in this graphic and video.

Layer 1 as shown above is accomplished with the help of our upstream providers where we have strategically placed filters inside their backbones. Layer 2 is done on our routers and load balancers. Layer 3 is done with our in-house developed software which we have developed and re-developed over the last 12 years, this is the layer where we stop the most sophisticated layer 7 attacks. At this level we can create any security and/or performance feature in a matter of minutes and deploy it for any customer right away or choose any of the ready-made, available features in our portal and deploy it in seconds.

Botnet Control

What is Web scraping ?

Web scraping is the automated harvesting of web content from one or thousands of different websites. This can be as simple as one person or an organization specifically interested in the content of a single source website or the harvesting of one or more industry related websites which can number in the thousands.

Why do scraping ?

If you’re a retailer and want to have the best price on particular item.

You can scrape all your competitors for this item, you can then price your Item for less. Some bad actors use scraping to steal content and then post it on their own websites to attract visitors. Its estimated that bots account for 60% + of all website traffic.

Who is most effected by Web Scraping ?

Studies have shown that the top industries affected by web scraping are identified in order are : Real estate, digital publishing, e-commerce, directories and classifieds, airlines and travel.

Another negative Side effect of Web Scraping

Over active bots can result in extra resources on your server if it’s on a cloud platform this can cost you considerable money. Most people don’t even know why their hosting bill keeps going up. In extreme cases if too many over active bots are crawling your website at the same time it can cause your website to slow and even not respond to legit web visitor traffic. Learn more


In order to be ahead of the curve in this field you have to have great data analytics we have deployed a new analytics engine to enable us to ingest and analyze large amounts of requests coming into our service. We are big on "big data" and have to be, if we want to remain a leader in this game. These analytics are available to all of our customers through our customer portal. We also use this intel to analyze and develop security features to apply to customer's configurations. This same big data analytics engine is also used with our machine learning initiatives.

Custom Configurations

Customer Accounts

Our Customer portal allows customers to create user accounts, sub accounts and roles. User permissions(read or write) can be defined by VIP, user account or predefined roles, this allows MSP's and ISP's the greatest flexibility for their customers. Customers can also turn on an enhanced security measure, by enabling 2 factor authentication.


We have tried to make our DSS customer configuration area as intuitive as possible. We have seen many other's DDoS protection configuration portals and some are just an endless panel of options of things to enable or disable, some of which have nothing to do with website security or performance. We have tried to make things as easy as possible for our customers. We have developed what we call "features" there are 2 types of features, Security and Performance features. All you have to do is select an area of your website where you would like to apply a feature, which could be at the VIP level, the webserver level or a particular URI that you may wish to define. Then apply the feature to the level you have chosen. It's that simple, no guess work on what or where something will affect the operation of your website. Should you require a feature that is not listed in our feature choices, no problem, tell us what you want and we'll make it for you, usually on the spot within minutes and make it available.

In addition to the features mentioned above there is one other major security mechanism that is very useful, which is ACL's (Access Control List). Customers can white list by IP address certain areas of their website by predefining who's allowed in and deny all others. This is most frequently applied to sensitive website URL's like /admin-login, predefine which IPs can access this URL and deny everyone else.

Custom Configurations

Customer Dashboard

DOSarrest Security Service(DSS) is our customer portal, this is our 5th generation, just released in 2018. It's the best yet, utilizing the latest modular design development tools and database structure. The beauty of the new system is, it will allow us to implement new analytics, metrics and many other functions and features we haven't thought about yet. Flexible and functionality is what it's all about in this business that is in constant change.

Blocked Events

Created with Highcharts 6.0.4EventsChart context menuChart titleForbidden(403)Domain Forbidden(461)Invalid SYN PacketInvalid RST PacketInvalid FIN PacketStatus(404)Restricted Client(463)Rate Limited(429)Bad Request(400)Request Timeout(408)

Bandwidth Analytics

Created with Highcharts 6.0.412 Hours Time ScaleBitRate Per SecondChart context menuChart titleOutboundInbound11:3011:3011:3011:300 Mb/s7.63 Mb/s15.26 Mb/s22.89 Mb/s30.52 Mb/s38.15 Mb/s45.78 Mb/s53.41 Mb/s61.04 Mb/

Connection Analytics

New DDoS Protection

Status Codes

New DDoS Protection

Cache Data

New DDoS Protection

Bird's Eye

New DDoS Protection

Events By Country Blocked

New DDoS Protection

Events by Country Clean

New DDoS Protection

Top URLs & Referers

New DDoS Protection

Visitor Stats

New DDoS Protection

Events by Country

New DDoS Protection

Connection State Events

New DDoS Protection

Event Analytics

New DDoS Protection

Connection States

New DDoS Protection


Security Operations Center… Depending on how you see things, not everything can be automated or performed by machines, automation is nice but in the end, highly skilled, responsive people are required to ensure everything is working as it should. We have as high a support analyst to customer ratio in this business than any other DDoS protection service. Our 24/7 SOC is constantly monitoring alerts that may be triggered by malicious traffic and then investigate further when required. Customer support is available by phone, email or chat by qualified, experienced engineers and analysts, our average response time is within 10 minutes.


White Labeling and API's

ISPs and MSPs can now white label our customer portal to give their customers the look and feel as if its their own DDoS protection service and can exclusively manage their customers configurations yet allow their customers to login and see their respective website analytics.

Some larger network providers can use our API's to integrate our service into their own existing customer portals and panels. This allows NSP's and MSP's to offer their customer base one of the most advanced cloud based DDoS protection and WAF services available today, all backed by a 24/7 expert security team. A great in demand service with a new revenue stream without the cost.

Once traffic has passed through the above 3 layers it moves into the Web Application Firewall, which is one of the most advanced cloud based WAF's available on the market today.