What is Origin Shield?
The Yottaa Origin Shield is an extra layer of security sitting between the end-user and your origin server. When Origin Shield is enabled Yottaa customers can block all other traffic, aside from Yottaa traffic.
Benefits of Origin Shield
The immediate benefit from enabling the Origin Shield is protection from attackers directly targeting your origin servers in events such as DDOS attacks. Instead these instances are forced through Yottaa, where traffic is scrubbed and threats can be mitigated.
Enable the Origin Shield
- Yottaa IPs must be added to your origin server whitelist.
a. In the Yottaa portal under Security, the list of IPs is located in the Origin Shield tab:
Note: You can either Export the list or copy the addresses to clipboard for easy transfer to your whitelist rule.
b. There is an API available that will retrieve the IP list.
Example: Replace user-specific information with your own.
curl -H "YOTTAA-API-KEY: [YOUR API KEY]" “https://api.yottaa.com/YottaaIPs?user_id=[YOUR USER ID]”
2. Once the Yottaa traffic is included in your whitelist you can revisit the Yottaa Portal > Security > Origin Shield, and click the Enable button.
Note: Enabling Origin Shield will remove the “Bypass” status option. Transparent Proxy mode is the alternative status for troubleshooting.