Expand my Community achievements bar.

SOLVED

options for integrating a bot mitigation solution such as Datadome or akamai bot manager?

Avatar

Level 9
Level 9
2/16/21 3:16:27 AM

We have just purchased a 3 year license for AEM cloud from a partner.

 

We need to protect the key APIs and pages from Bots, to avoid brute force attacks and spam account creation etc.

 

This could be done with recapcha, but recapcha has a 10% false positive rate (on our site at least), and we want a site wide production (excecpt static assets).

 

According to the docs: "AEM as Cloud Service is shipped with a default CDN." 

 

Does anyone know which CDN this is, and if we can add "market place" apps to it?

 

Assuming that the CDN which AEM uses is closed, so we cant add bot protection, has anyone had luck putting a CDN on top of the CDN?

 

Specifically, putting the Standard Edition of Cloudflare on top of whatever CDN AEM uses, so we can integrate via cloudflares marketplace?

 

 

 

 

 

 

 

Views

1.4K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
2/16/21 7:01:09 AM

Adobe uses Fastly CDN and it comes with DDOS protection. 

 

AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors

 

For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation

View solution in original post

Views

1.4K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Employee Advisor
Employee Advisor
2/16/21 7:01:09 AM

Adobe uses Fastly CDN and it comes with DDOS protection. 

 

AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors

 

For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation

Views

1.4K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Integrate splunk with aemaacs

Views

44

Likes

0

Replies

1
How to Render the different version of Header for Specific Pages Using Experience Fragments in AEM?

Views

92

Likes

0

Replies

3
Way to remove the timestamp from the metadata field for expiry date

Views

119

Likes

0

Replies

4
AEM AS Cloud Service integration with Splunk

Views

79

Likes

0

Replies

2
Question Out of curiosity!! A asset upload in the AEM publish instance.

Views

102

Likes

0

Replies

2