DDoS Protection & Firewall Rules
GoSiteMe includes built-in DDoS mitigation and a configurable web application firewall (WAF) to protect your websites from malicious traffic. This guide explains how these protections work and how to customize firewall rules for your needs.
How DDoS Protection Works
All traffic to your GoSiteMe-hosted sites passes through our global edge network, which automatically:
- Detects volumetric attacks (UDP floods, SYN floods, amplification attacks) and drops malicious packets before they reach your server.
- Applies rate limiting to HTTP requests that exceed normal patterns.
- Uses behavioral analysis to distinguish bots from legitimate visitors.
- Scales mitigation capacity dynamically—no manual intervention required.
DDoS Protection Tiers
| Tier | Included In | Capacity |
|---|---|---|
| Basic | All plans | Up to 10 Gbps |
| Advanced | Business & Enterprise | Up to 100 Gbps with custom rules |
Configuring Firewall Rules
Navigate to Dashboard → Security → Firewall to manage your rules.
- Click Add Rule.
- Define the match criteria: IP address, IP range (CIDR), country, ASN, URI path, user agent, or request header.
- Set the action: Allow, Block, Challenge (CAPTCHA), or Rate Limit.
- Assign a priority. Lower numbers execute first.
- Click Deploy. Rules take effect within 30 seconds.
Common Firewall Rule Examples
- Block a country: Match = Country is "XX", Action = Block.
- Whitelist office IP: Match = IP is 203.0.113.50, Action = Allow, Priority = 1.
- Rate limit login page: Match = URI contains "/login", Action = Rate Limit (10 req/min).
- Block bad bots: Match = User Agent contains "BadBot", Action = Block.
Monitoring Attacks
The Security → Analytics panel shows real-time and historical data on blocked threats, top attacking IPs, geographic distribution of threats, and attack types. Use this data to refine your firewall rules.
Best Practices
- Keep your whitelist rules at the highest priority so legitimate traffic is never accidentally blocked.
- Use challenge actions instead of hard blocks for country-level rules to avoid false positives.
- Review firewall logs weekly and adjust rules based on new threat patterns.
- Enable email alerts under Security → Notifications to be informed of active attacks.