Set Up Google Cloud Armor to Secure your Website. Cloud Armor is a distributed service which is supported with Global HTTP(S) Load Balancer to provide built-in defenses against infrastructure DDoS attacks.
It will also scale up based on your traffic. You can also build your custom rules to protect your application.
Permit or block your incoming traffic based on IP addresses or ranges using allow lists and deny lists.
You can also use Cloud Armor’s flexible rules language to customize your defenses and mitigate multivector attacks. It also provides predefined rules to defend against cross-site scripting (XSS) and SQL injection (SQLi) application-aware attacks.
- Project on Google Cloud with billing enabled.
- Load Balancer Set Up on Google Cloud.
Set Up Cloud Armor
Go to your Google Cloud Console and navigate to Network Security >> Cloud Armor.
Click Create policy.
Create Cloud Armor Security Policy
To create Cloud Armor security policies and rules and attach the Cloud Armor security policy to a target:
Fill all the details in the Create policy page.
- In the Name field, type the name of your policy.
- Optionally, type a description of the policy.
- Choose Allow or Deny for the default rule.
If you are creating a Deny rule, choose the Deny status. This is the error message that will be displayed if a user without access tries to gain access.
Click Next Step.
Add more rules
- Optionally, type in a Description of the rule.
- In the Match field, type in from one (1) to five (5) IP address ranges to match in the rule.
- Choose Allow or Deny, depending on the type of rule you are creating.
- To enable the rule, check Enable. Otherwise, you will see the preview of how the rule behaves.
- Type the rule’s Priority. This can be any positive integer from 0 to 2,147,483,647, with 0 being the highest priority.
- Click Done.
- To add additional rules, click Add rule. Otherwise click Next step.
Apply Policy to Targets
Now you can apply the policy the targets.
- Click Add target.
- Select a Target from the drop-down list.
- To add more targets, click Add target.
- Click Done.
- Click Create policy.
Now you have learned how to secure your website on Google Cloud Platform with Cloud Armor from DDoS,
If you have anything to discuss please post your comment below. Thank you!