Skip to content

Commit 20289e3

Browse files
patriciasantaanapatriciasantaana
committed
botnet threat feed details
1 parent 32cc1b3 commit 20289e3

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

src/content/docs/ddos-protection/botnet-threat-feed.mdx

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,8 @@ A single DDoS attack consisting of thousands of bots can involve as little as on
2323

2424
In the case of HTTPS DDoS attacks, service providers only see encrypted payloads leaving their network without any possibility to decrypt or understand if it is malicious or legitimate traffic. However, Cloudflare can see an entire attack and all of its sources if the attack targets an Internet property that uses Cloudflare's services. This global view can help service providers stop the abusers.
2525

26+
For more details, refer to [How DDoS protection works](/ddos-protection/about/how-ddos-protection-works/).
27+
2628
## Availability
2729

2830
The Cloudflare DDoS Botnet Threat Feed is available for free to service providers. For more information, refer to the [Terms of Use](https://www.cloudflare.com/en-gb/service-specific-terms-application-services/#ddos-botnet-threat-feed).
@@ -45,6 +47,10 @@ Make sure that:
4547
4. On the list of ASNs configured for your threat feed, select **Add ASN**.
4648
5. You will be redirected to the PeeringDB authentication page, where you can log in and consent to share the affiliation data with us. You will be redirected back to the configuration page once it is successful.
4749

50+
:::note
51+
You can add multiple ASNs to your threat feed.
52+
:::
53+
4854
### 2. Obtain Cloudflare API token
4955

5056
You must [obtain a Cloudflare API token](/fundamentals/api/get-started/create-token/) with at least the following account-level permission:
@@ -66,6 +72,7 @@ Invoke one of the Botnet Threat Feed API endpoints:
6672

6773
- The API URI path is planned to change from `.../botnet_feed/...` to `.../ddos_botnet_feed/...` in the future.
6874
- Responses with no IP addresses in the results (empty state) will return an `HTTP 200` status code (success), with an empty list in the `result` property.
75+
- When the response is a success but the result is `0` or `null`, this means that there are no detected offenses.
6976
:::
7077

7178
To invoke an API endpoint, append the operation endpoint to the Cloudflare API base URL:

0 commit comments

Comments
 (0)