The ngrok cloud service automatically protects all Endpoints from attacks with
its proprietary DDoS Firewall. The DDoS Firewall scans traffic flows into your
endpoints for malicious actors, patterns and threats in real-time. When an
attack is detected, the firewall proactively blocks incoming connections from
the attackers IPs.
In addition to ngrok’s out-of-the-box DDoS Firewall, we also recommend taking
the following measures to help protect your endpoints from attacks:
Prevent attacks by enforcing authentication with Traffic Policy actions.
Traffic Policy is enforced in the ngrok cloud service so that only
legitimate traffic is sent to the upstream service in your network. ngrok’s
cloud service absorbs all of the unauthenticated traffic. You can use the
following traffic policy actions to block unauthenticated traffic:
Use the Traffic Policy Circuit Breaker
action on your Agent
Endpoints. This module protects your
upstream applications when they become overloaded by blocking traffic to them
in ngrok’s cloud service until they can recover.