If you have a CDN, does it mean you don't have to worry about DDoS attacks or will hackers still succeed in carrying out DDoS attacks?
I'm a VAR/System Integrator and I don't see any problem once you have Cloudflare.
CDN is not going to help you to avoid DDoS. The main function of a CDN is to deliver content faster. To mitigate the risk of a DDoS you need a Web Application Firewall (WAF). Todays WAF come with CDN capabilities.
Layer 3 or 4 DDoS are absorbed by the CDN as design (IP, TCP ,UDP), the high volume doesn't reach your origin server so you are automatically protected.
But in case of layer 7 DDoS, all application attacks (SQL injections, XSS, Remote file inclusion), you need a Web Application Firewall (WAF) to protect against this kind of threat, the CDN will not "see" and of course not block these attacks (and it's not his role)
How do CDNs work to mitigate threats?
Let the community know what you think. Share your opinions now!