We have just purchased a 3 year license for AEM cloud from a partner.
We need to protect the key APIs and pages from Bots, to avoid brute force attacks and spam account creation etc.
This could be done with recapcha, but recapcha has a 10% false positive rate (on our site at least), and we want a site wide production (excecpt static assets).
According to the docs: "AEM as Cloud Service is shipped with a default CDN."
Does anyone know which CDN this is, and if we can add "market place" apps to it?
Assuming that the CDN which AEM uses is closed, so we cant add bot protection, has anyone had luck putting a CDN on top of the CDN?
Specifically, putting the Standard Edition of Cloudflare on top of whatever CDN AEM uses, so we can integrate via cloudflares marketplace?
Solved! Go to Solution.
Views
Replies
Total Likes
Adobe uses Fastly CDN and it comes with DDOS protection.
AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors
For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation
Adobe uses Fastly CDN and it comes with DDOS protection.
AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors
For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation