Introducing New Gcore Security Features

Introducing New Gcore Security Features

We are excited to announce two new Security features:

  • DDoS attacks statistics in your personal account
  • On/Off test cookies for specific URLs in bot protection

Here, we introduce what these features offer you and how to use them.

DDoS Attack Statistics

DDoS attack statistics allow you to monitor whatā€™s happening with your protected resources in real time – even during the attacks.

DDoS attack statistics show resourcesā€™ load with a breakdown by:

  • Time period: View general daily statistics or track/analyze attack magnitude in the real time
  • Traffic volume: Check the load in either bps (bits per second) or pps (packets per second)
  • Resource: See overall statistics for all your assets, or view by individual asset
Gcoreā€™s interface screenshot demonstrating attack statistics in pps
Attack statistics in pps

How to View Attack Statistics

To see attack statistics, navigate to IaaS service, click Reports > Traffic in your Gcore dashboard. You can filter by specific data centers, time intervals, and attack units (bps or pps) using the dropdown menus at the top of the page.

For example, in these two screenshots you can see attack statistics filtered by bps; above, we showed it in pps:

Gcoreā€™s interface screenshot demonstrating attack statistics in bps
Attack statistics in bps

Testcookie Protection Mechanism

Also in July, we added the ability to turn test cookie functionality on or off for specific protected URLs.

The test cookie function is an important tool for identifying and preventing automated access to websites, such as bot attacks. Test cookies check whether the HTTP client sending the request can handle cookies. This serves to gauge the authenticity of the client. If the client canā€™t handle cookies, the client request was probably generated by a bot, often malicious in nature. So failure to handle test cookies means our system will block the client request, preventing bad bot activity.

Do I Need to Enable Test Cookies for All My URLs?

Test cookies are effective in identifying and preventing automated bot attacks on sensitive or targeted URLs, enhancing security and performance. However, they may produce false positives with non-standard clients, prove unnecessary for publicly accessible content, and be bypassed by advanced bots, making it less effective in certain contexts.

How to Enable Test Cookies

Hereā€™s how to enable the feature:

  1. Go to Web Security and open the settings of the desired resource.
A screenshot of Gcoreā€™s Web security dashboard
Web security dashboard
  1. Open the Bot tab.
Screenshot of Bot Protection tab in Gcoreā€™s interface
Con Bot protection tab of Web Protection interface
  1. To take advantage of test cookies, your bot protection status must be set to High. Ensure that the High mode is selected in Bot protection:
A screenshot of the control panel shows a menu to select Bot Protection level
Control panel showing Bot Protection configuration, currently set to ā€œHighā€

When Bot Protection is set to High, test cookies are automatically available. If you set Bot Protection to Low, the testcookie function will be unavailable. You can turn testcookie on/off for specific URIs, shown at the bottom of the previous image.

  1. Save changes.

Try Our New Security Features Today

If youā€™re not yet using Gcore Security, we invite you to check out our DDoS Protection and Web Application Security products. If you have any questions or need assistanceā€”whether with these new Security features or any other Gcore serviceā€”weā€™d love to hear from you at support@gcore.com.

Introducing New Gcore Security Features

Subscribe
to our newsletter

Get the latest industry trends, exclusive insights, and Gcore
updates delivered straight to your inbox.