'DDOS in Cloud Run

I am currently running two containers on Cloud Run for my web app (React and Nodejs). I have been looking into how to prevent my apps from DDOS. Any suggestion?

node.jssecuritygoogle-cloud-platformgoogle-cloud-runddos


Solution 1:[1]

For Cloud Run, you should use a global external HTTP(S) load balancer (classic) which provides automatic multi-tier, multi-layer DoS protections that further reduce the risk of "any DoS impact". In addition, you can use Cloud Armor to control access to your Google Cloud Platform resources by creating security policies and also Cloud Armor provides Layer 3 and 4 DoS attack protections and layer 7 DoS attack protection(Adaptive Protection) and more features(Managed Protection Plus).

*In detail, a global external HTTP(S) load balancer (classic) is based on Google Front End(GFE) which provides automatic multi-tier, multi-layer DoS protections that further reduce the risk of any DoS impact.

Actually, Google doesn't clearly mention which layers of DoS attacks a global external HTTP(S) load balancer (classic) can protect from. Google only says "any DoS impact". I guess "any DoS impact" can be layer 3, 4 and 7 DoS attacks.

I referred to:

Choosing a load balancer

feedbackGoogle Infrastructure Security Design Overview

DDoS protection and mitigation on GCP

Google Cloud Armor

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1

Related Questions

Secure cookies flag always getting lost in first session after resetting IIS

How to show or hide contents of an aspx page based on current user's roles

protect images on webpage from being copied/saved?

Getting error "403 - Forbidden: Access is denied" on browser when user is NOT administrator

Disable SSLHandshakeException for a single connection

SSL certificate error for IE users only

How to access HttpContext and Request in RequireAssersion?

Send Public key(generated as seckeyref in iPhone) to server(in Java)

The EXECUTE permission is denied on the user-defined table types?

cannot commit or push using egit (guess: issues with secure storage area)

Authorisation in microservices - how to approach domain object or entity level access control using ACL?

Adding nonce value to @Scripts.Render ASP.Net MVC razor pages with NWebSec

SSL Java java.io.IOException: Invalid keystore format

preventing abuse of API service usage

Protecting or Licensing a Django Application