Skip to main content

Overview

At Syncara Host, we take network security seriously. All of our services come with built-in Layer 7 (Application Layer) DDoS protection powered by Cloudflare, applied across our entire server infrastructure. This ensures that your services remain accessible and resilient against common web-based attacks without any additional configuration on your end.

What’s Included

Every Syncara Host service benefits from the following protection by default:
  • Cloudflare L7 Protection — All HTTP/HTTPS traffic is proxied through Cloudflare’s global network, filtering out malicious requests before they ever reach your server.
  • Automated Threat Detection — Cloudflare’s intelligent systems automatically detect and mitigate volumetric attacks, bot traffic, and application-layer exploits in real time.
  • Web Application Firewall (WAF) — Pre-configured rulesets protect against common attack vectors such as SQL injection, XSS, and other OWASP Top 10 threats.
  • Rate Limiting — Automatic rate limiting is applied to prevent abuse and ensure fair usage across all services.
  • Always-On Mitigation — Protection is active at all times. There is no need to manually enable it during an attack.

How It Works

All incoming traffic to your server is routed through Cloudflare’s edge network, which spans over 300 cities worldwide. When an attack is detected:
  1. Malicious traffic is identified and filtered at the edge, closest to the attack source.
  2. Legitimate traffic passes through normally with minimal added latency.
  3. Your origin server only receives clean, validated requests.
This approach ensures that your server’s resources are never wasted processing malicious traffic, keeping performance stable even during large-scale attack events.

Enterprise-Grade Network Protection

For businesses and large-scale deployments that require an additional layer of defense beyond our standard Cloudflare L7 protection, we offer Enterprise-Grade Network DDoS Protection as an add-on service. This premium tier includes:
  • Layer 3/4 (Network Layer) Mitigation — Protection against volumetric attacks targeting your raw IP, including UDP floods, SYN floods, and amplification attacks.
  • Dedicated Mitigation Capacity — Guaranteed bandwidth allocation for absorbing large-scale attacks.
  • Custom Firewall Rules — Tailored filtering rules configured specifically for your traffic patterns and use case.
  • Priority Incident Response — Direct escalation path for DDoS-related incidents with faster response times.
Enterprise-Grade Network Protection is available as a paid add-on and is subject to additional fees based on your requirements. To request this service, please open a support ticket at support@syncara.host and our team will assess your needs and provide a custom quote.

Recommendations

To maximize the effectiveness of our DDoS protection, we recommend the following best practices:
  • Keep your origin IP private — Do not expose your server’s actual IP address in DNS records or public configurations.
  • Use Cloudflare’s proxy mode — Ensure your DNS records are proxied (orange cloud enabled) rather than DNS-only.
  • Monitor traffic patterns — Regularly review your server’s traffic in the Syncara Control Panel to spot anomalies early.
  • Report attacks promptly — If you notice unusual traffic or degraded performance, open a support ticket immediately so our team can investigate.