Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

options for integrating a bot mitigation solution such as Datadome or akamai bot manager?

Avatar

Level 9

We have just purchased a 3 year license for AEM cloud from a partner.

 

We need to protect the key APIs and pages from Bots, to avoid brute force attacks and spam account creation etc.

 

This could be done with recapcha, but recapcha has a 10% false positive rate (on our site at least), and we want a site wide production (excecpt static assets).

 

According to the docs: "AEM as Cloud Service is shipped with a default CDN." 

 

Does anyone know which CDN this is, and if we can add "market place" apps to it?

 

Assuming that the CDN which AEM uses is closed, so we cant add bot protection, has anyone had luck putting a CDN on top of the CDN?

 

Specifically, putting the Standard Edition of Cloudflare on top of whatever CDN AEM uses, so we can integrate via cloudflares marketplace?

 

 

 

 

 

 

 

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

Adobe uses Fastly CDN and it comes with DDOS protection. 

 

AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors

 

For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation

View solution in original post

1 Reply

Avatar

Correct answer by
Employee Advisor

Adobe uses Fastly CDN and it comes with DDOS protection. 

 

AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors

 

For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation