Recipe: DDoS mitigation playbook
Step-by-step response when volumetric or application-layer floods hit your Meridian-protected endpoints.
1. Confirm the attack
Check the Meridian dashboard → Events tab. Look for sustained spikes in requests-per-second, 429 rate-limit hits, or connection exhaustion on non-cached routes.
2. Enable emergency mode
Toggle “Emergency Shield” in the dashboard. This activates strict IP reputation filtering, geo-blocking of non-whitelisted regions, and aggressive SYN cookie enforcement at the edge.
3. Tune rate limits
Drop per-IP limits to 5 req/s for unauthenticated traffic. Apply per-endpoint caps on /api/auth and /api/checkout. Monitor the “Throttled” counter in real time.
4. Deploy challenge pages
Enable JS challenge or CAPTCHA for suspicious sessions. Meridian injects these at the edge without touching your origin. Watch the pass/fail ratio to tune sensitivity.
5. Post-mortem
Export the attack timeline from the dashboard. Identify the vector (UDP amplification, HTTP flood, Slowloris). Update your WAF rules and share the report with your upstream provider.
Need help during an active attack? Open a priority ticket — our SOC responds in under 5 minutes for Enterprise plans.