What is DDoS (Distributed Denial of Service)?
Turkish: DDoS
DDoS is an attack that floods a service from many sources, requiring capacity, filtering, monitoring, and mitigation planning.
What is DDoS?
DDoS (Distributed Denial of Service) is an attack that attempts to make a website, API, DNS service, or infrastructure component unavailable by overwhelming it with traffic from many sources. The traffic does not come from one machine; it often comes from compromised devices or distributed botnets.
A DDoS attack does not have to steal data. The main risks are service outage, revenue loss, damaged customer trust, and operations teams losing visibility into which requests are legitimate.
Attack Types
DDoS can target different layers. Volumetric attacks try to consume bandwidth. Protocol attacks target weaknesses in TCP, UDP, or connection handling. Application-layer attacks mimic normal user requests but multiply expensive operations on the server.
Common examples include:
- UDP floods and DNS amplification
- SYN floods
- HTTP GET/POST floods
- Heavy request bursts against API endpoints
- Bot traffic that exhausts login or search pages
Risk and Protection
DDoS is not a performance improvement topic; it is an availability and security risk. Protection combines CDN, WAF, rate limiting, anycast networking, automated traffic scrubbing, caching strategy, and realistic capacity planning.
A firewall alone may not be enough because attack traffic often needs to be filtered before it reaches the application. Edge services such as Cloudflare can help manage the risk through DDoS mitigation, bot filtering, and rapid rule deployment.