- Robert JLv 72 months ago
The only protection from a distributed attack is a distributed firewall than can block malicious connections well away from the target.
A DDoS (Distributed Denial of Service) attack is using hundred or thousands of taken-over computer "bots" to simultaneously access one system, so it & the network connections to it are clogged up and cannot do anything.
Nothing done at the target system itself can have any effect - the network is clogged and blocked; it needs a system of filter machines scattered throughout the internet world-wide to block the individual malicious connections before data is sent to the attack target, so nothing gets clogged up in the first place.
That is what the cloudflare system does.