Understanding DoS/DDoS prevention in AEM

Last update: March 23, 2025
  • Applies to:
  • Experience Manager 6.5
  • Experience Manager as a Cloud Service

CREATED FOR:

  • Beginner
  • Admin
  • Developer

Learn about the options available to prevent and mitigate DoS and DDoS attacks on your AEM environment. Before diving into the prevention mechanisms, a brief overview of DoS and DDoS.

  • DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks are both malicious attempts to disrupt the normal functioning of a targeted server, service, or network, making it inaccessible to its intended users.
  • DoS attacks typically originate from a single source, while DDoS attacks come from multiple sources.
  • DDoS attacks are often larger in scale compared to DoS attacks due to the combined resources of multiple attacking devices.
  • These attacks are carried out by flooding the target with excessive traffic, and exploit vulnerabilities in network protocols.

The following table describes how to prevent and mitigate DoS and DDoS attacks:

Prevention MechanismDescriptionAEM as a Cloud ServiceAEM 6.5 (AMS)AEM 6.5 (On-prem)
Web Application Firewall (WAF)A security solution designed to protect web applications from various types of attacks.WAF-DDoS Protection licenseAWS or Azure WAF via AMS contract.Your preferred WAF
ModSecurityModSecurity (aka `mod_security` Apache module) is an open-source, cross-platform solution that provides protection from a range of attacks against web applications.
In AEM as a Cloud Service, this is only applicable to AEM Publish service as there is no Apache web server and AEM Dispatcher in front of AEM Author service.		Enable ModSecurity
Traffic filter rulesTraffic filter rules can be used to block or allow requests at the CDN layer.Example traffic filter rulesAWS or Azure rule limiting features.Your preferred solution