“An HTTP flood attack is a type of Layer 7 application attack that utilizes the standard valid GET/POST requests used to fetch information, as in typical URL data retrievals (images, information, etc.) during SSL sessions. An HTTP GET/POST flood is a volumetric attack that does not use malformed packets, spoofing or reflection techniques.” – DDoSAttacks.biz
In other words, a Layer 7 HTTP Flood Attack is a type of DDoS attack made to overload specific parts of a site or server. They are complex and they are hard to detect because the requests they send look like legitimate traffic. These requests consume the server’s resources and make the site go down. These requests can also be sent by bots, increasing the attack’s power.
Any client using our WAF is already automatically protected.