Developers

Discover the latest industry trends, get ahead with cutting‑edge insights, and be in the know about the newest Gcore innovations.

Blog Developers

What is an SSL handshake?

An SSL handshake, more accurately called a TLS handshake, is a process that establishes a secure encrypted connection between a client (like a web browser) and a server before any data transfer begins. As of 2024, over 95% of HTTPS websites

November 18, 2025 9 min read

What is API Rate Limiting?

API rate limiting is the process of controlling how many requests a user or system can make to an API within a specific timeframe. This mechanism caps transactions to prevent server overload and ensures fair distribution of resources across

November 14, 2025 10 min read

What is Bot mitigation?

Bot mitigation is the process of detecting, managing, and blocking malicious bots or botnet activity from accessing websites, servers, or IT ecosystems to protect digital assets and maintain a legitimate user experience. Malicious bots acco

November 12, 2025 5 min read

What is GEO DNS?

GeoDNS is a DNS server technology that returns different IP addresses based on the geographic location of the client making the request. This enables geographic split-horizon DNS responses, directing users to servers closest to their physic

November 7, 2025 7 min read

Good bots vs Bad Bots

Good bots vs bad bots is the distinction between automated software that helps websites and users versus programs designed to cause harm or exploit systems. Malicious bot attacks cost businesses an average of 3.6% of annual revenue.A bot is

November 5, 2025 7 min read

What is DNS Cache Poisoning?

DNS cache poisoning is a cyberattack in which false DNS data is inserted into a DNS resolver's cache, causing users to be redirected to malicious sites instead of legitimate ones. As of early 2025, over 30% of DNS resolvers worldwide remain

November 4, 2025 5 min read

What is bot management?

Bot management is the process of detecting, classifying, and controlling automated software programs that interact with web applications, APIs, and mobile apps. This security practice separates beneficial bots from malicious ones, protectin

October 31, 2025 9 min read

What is a DNS flood attack?

A DNS flood is a type of Distributed Denial of Service (DDoS) attack that overwhelms DNS servers with massive volumes of queries, exhausting server resources and causing service disruption or complete outage for legitimate users. DNS-based

October 29, 2025 8 min read

What are WAF policies and how do they protect web applications?

A WAF policy is a set of rules that defines how a Web Application Firewall inspects incoming web traffic and what actions to take (allow, block, challenge, or log) based on detected threats or patterns. Over 80% of web applications are vuln

October 27, 2025 11 min read

What is a cloud WAF?

A cloud WAF (Web Application Firewall) is a security service deployed in the cloud that protects web applications from attacks such as SQL injection, cross-site scripting (XSS), and DDoS by filtering and monitoring HTTP/HTTPS traffic betwee

October 24, 2025 9 min read

What is a Slowloris attack?

A Slowloris attack is a denial-of-service (DoS) attack that targets web servers by opening multiple connections and keeping them open with partial HTTP requests, exhausting the server's connection pool. Created by Robert “RSnake” Hansen, it

October 22, 2025 9 min read

What is an HTTP flood attack?

An HTTP flood attack is a type of Distributed Denial of Service (DDoS) attack that overwhelms a web server or application with a massive volume of seemingly legitimate HTTP requests, rendering it unresponsive to real users. Layer 7 (applica

October 20, 2025 11 min read

What is a SYN flood attack?

A SYN flood is a type of distributed denial-of-service (DDoS) attack that exploits the TCP three-way handshake process to overwhelm a target server, making it inaccessible to legitimate traffic. Over 60% of DDoS attacks in 2024 involve SYN

October 17, 2025 8 min read