Information for: DEVELOPERS   PARTNERS

Defending your website against attacks

If your Acquia Cloud-hosted websites that are protected by Acquia Cloud Edge Protect are under threat of attack or are currently being attacked, you should immediately take the following steps for maximum protection of your websites:

  1. Sign in to your Acquia Cloud Edge web user interface.

  2. In the Overview section, click the Quick Actions select box, and then click Under Attack Mode. This enables additional protections to stop potentially malicious HTTP traffic from being passed to your server.

    Under Attack Mode


    Whenever Under Attack Mode is enabled, first-time visitors to your website will be briefly served an interstitial page while the additional checks are performed to verify that the traffic is legitimate.

  3. Navigate to the Firewall section of the Acquia Cloud Edge Protect interface, identify the Web Application Firewall option, and then click On.

  4. Navigate to your Domain Name Server (DNS) settings in the Acquia Cloud Edge Protect interface, and then configure your DNS settings for maximum protection:

    • Enable the Acquia Cloud Edge security on the web records you use, including SSH. Protocols with security disabled are gray; protocols with security enabled are orange. Enabling these security protocols will disable these services, protecting your servers from additional modes of attack.
    • Use your origin IP address to perform actions like SSH, as all other IP addresses will be disallowed.
    • Delete any wildcard records, unless they are required, as they will expose your origin IP address.
    • Remove any mail records that expose your origin IP address.
  5. Do not rate-limit or throttle requests from Acquia Cloud Edge IP addresses.

  6. Contact Acquia Support, and in the Support ticket that you create, provide detailed information about the attack to help Acquia Support better assist you in determining next steps.