Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

options for integrating a bot mitigation solution such as Datadome or akamai bot manager?

TB3dock
Level 7
Level 7

We have just purchased a 3 year license for AEM cloud from a partner.

 

We need to protect the key APIs and pages from Bots, to avoid brute force attacks and spam account creation etc.

 

This could be done with recapcha, but recapcha has a 10% false positive rate (on our site at least), and we want a site wide production (excecpt static assets).

 

According to the docs: "AEM as Cloud Service is shipped with a default CDN." 

 

Does anyone know which CDN this is, and if we can add "market place" apps to it?

 

Assuming that the CDN which AEM uses is closed, so we cant add bot protection, has anyone had luck putting a CDN on top of the CDN?

 

Specifically, putting the Standard Edition of Cloudflare on top of whatever CDN AEM uses, so we can integrate via cloudflares marketplace?

 

 

 

 

 

 

 

1 Accepted Solution
kunal23
Correct answer by
Level 10
Level 10

Adobe uses Fastly CDN and it comes with DDOS protection. 

 

AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors

 

For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation

View solution in original post

1 Reply
kunal23
Correct answer by
Level 10
Level 10

Adobe uses Fastly CDN and it comes with DDOS protection. 

 

AEM as a Cloud Service also offers reliable protection against (distributed) denial-ofservice (DDoS) attacks on three different levels:
• Edge filtering all non-HTTP/HTTPS traffic to block disruptive Layer 3 and Layer 4
attacks
• Protection against generic Layer 7 threats enforced by logic running on the CDNs cache
nodes
• Additional Layer 7 filtering throughout the network stack to mitigate AEM specific
attack vectors

 

For more details please see - https://www.fastly.com/products/cloud-security/ddos-mitigation

View solution in original post