General information about DDoS protection

Last update: May 30 2026

A DDoS attack is a distributed denial-of-service attack. During an attack, a large number of requests are sent to a service to reduce its performance or take it offline completely. Learn more about types of DDoS attacks and protection methods in the Selectel blog article How to protect a server from DDoS attacks.

All Selectel products are protected by default. To increase service security, you can enable additional protection. Read more about choosing a protection service in the Choosing additional protection.

Types of protection

Default protection

For all IP addresses in the Selectel autonomous system, Selectel DDoS protection is enabled automatically

Protection is provided at the network and transport layer (L3, L4). Incoming traffic is analyzed, and unwanted traffic flows from the external network are blocked.

Additional protection

For IP addresses used in the Selectel infrastructure, you can enable protection services based on partner solutions:

• Curator;
• DDoS-Guard;
• StormWall.

Incoming traffic is sent to a partner filtering system, where it is analyzed and cleaned; then, the cleaned traffic is redirected to the protected server in the Selectel infrastructure.

Selecting additional protection

1. Define your protection goal.
2. Select a DDoS protection service that suits your needs.

1. Define the protection goal

	Network and transport layer protection (L3, L4)		Protection at the level of application layer (L7)
Attack target	Bandwidth exhaustion, network infrastructure disruption	Network connection disruption due to vulnerabilities in basic data transmission protocols (TCP/IP)	Attacks on the logic and data of websites and applications
Mitigation method	Traffic header analysis at layers L3 and L4, identifying issues on network equipment	Traffic filtering based on user behavior analysis and network packet parameters	Traffic filtering at the application protocol levels (HTTP/HTTPS, DNS, etc.) taking into account application-specific features

2. Select a DDoS protection service

	DDoS-Guard L3-L4 protection	DDoS-Guard website protection and acceleration	Curator protection	StormWall network protection	StormWall website protection
Network layer protection (L3, L4)	✓	✗	✓	✓	✓
Website, application layer protection (L7)	✗	✓	✓ *	✗	✓

* You can additionally protect your application from targeted attacks using WAF Curator.