Salesforce B2C Commerce 24.7 > B2C Commerce Security Guide > Security Best Practices for Administrators

Denial-of-Service Protection

In a denial-of-service (DoS) attack, the attacker attempts to deny computer resources to a network’s users. Attackers usually accomplish this by overwhelming the target computer system’s resources with unauthorized requests, which prevent valid users from accessing the network.

In a distributed denial-of-service (DDoS) attack, the attack comes from many sources instead of a single intruder. The primary mechanism used to mitigate the impact of a DoS attack is the eCDN, which provides DoS and DDoS protection. The eCDN offers automatic protection against a range of TCP floods, including SYN, UDP, and ICMP attacks. The eCDN can also lessen the impact of DoS attacks by configuring IP firewall rules, WAF rules, eCDN security levels, and CAPTCHA challenges.

You can mitigate credential stuffing attacks using customer and user login lockout policies. You can use sophisticated rate-limiting functionality for custom code used to develop a web service.

Related concepts
Storefront Network Access
User Authentication
Web Services

Infocenter Retirement: On June 30, 2023, the Infocenter was retired, and documentation currently hosted on the Infocenter will be published to Salesforce Help, Commerce Cloud Developer Center, and Salesforce B2C Commerce Developer Documentation Resources. For more information, see the release note.