Used by default will be Round-robin algorithm, and IPhash will be selectable. If required, you may adjust a more flexible balancing of filtered traffic between your addresses. To do this, you may combine the above balancing techniques with the use of backup addresses (Primary-Backup), and assign them a 'weight' (Weighted load balancing) to distribute the load percentagewise. For the relevant details refer to 'Upstreams' Section of the personal account link: https://client.qrator.net/qrator/faq/?page=upstreams

This might be due to the three following reasons:
- either all the DNS-servers have failed to update their entries, and the traffic is not entirely protected (you have to wait);
- or, before the connection to Qrator, you have failed to change your server IP-address already known to the attacker, and the attack continues directly (ask the hoster for a new ip);
- having failed to change IP-address, you have also failed to make your server unaccessible to all IP-addresses except for our nodes. You can do this in your firewall or referring to hosting provider. Personal account assistance online contains our recommendation for firewall adjustment: https://client.qrator.net/qrator/faq/?page=fwconfig.

POST query size is subject to restrictions. In the event of the query size excess, the site users will receive Error 413 message. There are certain options to handle the problem such as:

1. You 'withdraw' from under Qrator protection subdomain upload.example.com, intended to download the files. This will also help you optimize bandwidth of traffic passing through Qrator network;
2. Should there be no large number of clients about to unload heavy files, they may bring into hosts file a direct IP-address of a protected resource, and operate bypassing Qrator network.
3. Deploy a protection technique capable to tunnel the protected application's traffic and adjustable within the framework of service 'HTTPS Filtration with no keys disclosure (PCI-DSS ready)'. For the technique's details refer to link: https://qrator.net/ru/qrator-technologies/https-ne. Although this technique is not liable to the above restriction, please have in mind that all legitimate traffic passing through our network is subject to charges.
https://qrator.net/ru/pricing

Yes, there are two options:
1) with the disclosure of encryption keys and proxying of the protected application HTTPS traffic. User adjusts the service at personal account by downloading and setting up a chain of certficates with a private key to target domain;
2) w/o the disclosure of keys with the use of protected application traffic tunneling technique (refer to Section [HTTPS filtration w/o disclosure of keys (PCI-DSS ready)](https://qrator.net/ru/qrator-technologies/https-ne)]). User adjusts the service jointly with technical support personnel.

These are probably our filtration points. All users' queries arrive at such points to be, once analyzed and filtered, proxied to the protected server. Compare suspected addresses with IP-addresses of our filtration nodes (find their list at personal account: https://client.qrator.net/qrator/faq/?page=fwconfig); in the event of their coincidence, we do advise to adjust the processing of header X-Forwarded-For, to which we add users' real addresses: https://client.qrator.net/qrator/faq/?page=realip. Should the addresses differ, create an order at Qrator personal account for the further checkup.

Traffic analysis is based on many criteria. The major ones are: users' behaviour, history of their queries, service capability of the server protected. Peculiarities of site visitor's act habits in the low-level context of TCP connection will also be taken into consideration.

No, protection will only be enabled and disabled by changing A-entry in DNS.

Once blocked, an IP-address will eventually be deblacklisted at least in 5 minutes and at most in 8 hours.

We work on 24/7 basis.

Subject to rates shall be legitimate traffic i.e. users' traffic. Attack traffic shall be no rateable. Chargeable traffic shall be calculated as follows: over an accounting period (calendar month) with 1 minute interval, taken into account shall be an average value of the prevailing traffic band (a maximum between the filtered incoming traffic and the site outgoing traffic) at such interval. At the end of the accounting period, 90 (ninety) maximum values taken into account shall be discarded, then maximum remaining traffic value taken into account shall be rounded down to a whole number of Mbit/s. The number obtained shall stand for the chargeable traffic band value.

You may connect to our system for a free weekly test. At the test end, you will find the required statistics at personal account.

Filtration performance will remain unaffected, and DDos will be neutralized. You will be offered a transfer to a rate plan conforming to your risks. In the event of consent, it will remain valid for at least three months. In the event of your refusal, we may limit all the incoming traffic (including the legitimate one) to a level provided for by your rates.

You have to:
- ask hosting provider for another IP preferably belonging to another subnetwork;
- in your firewall, permit connections from Qrator network nodes alone, banning all the rest. Find relevant instruction at personal account: https://client.qrator.net/qrator/faq/?page=fwconfig;
- at Qrator personal account, replace direct IP-address of the application for a new one obtained from hosting provider

To change A-entry, use control panel of your hosting provider, should the latter be entrusted with domain name control, or control panel of the recorder having registered your domain. Always change A-entry to make it indicate Qrator network IP-address specified during the registration.

The time depends on the A-entry update rate at all DNS servers, being equal to A-entry TTL that differs between various clients. Qrator network will be ready to process traffic and take over protection as soon as the traffic enters Qrator IP.

We add IP-address of the site user to header 'X-Forwarded-For', find instruction for this header processing adjustment at personal account: https://client.qrator.net/qrator/faq/?page=realip

Subscription fee is chargeable for a month as a whole, irrespective of the connection date. An advice: if you are not under attack, probably it's no need to connect at the end of the month - wait a few days to save the whole month fee.

The general concept is as follows:
1. Log in or authorize in the system https://client.qrator.net/auth/register/
2. Create domain https://client.qrator.net/qrator/domain/list/
3. Following the instruction sent to your mail, download certificate to personal account. In the event that the site works to HTTPS, transfer А-entry to Qrator IP.
4. At the same time, we do advise to ask the hosting for a new IP-address, to publish it nowhere, indicating it at Qrator personal account as an upstream to avoid further attack on the direct address.
5. After the transfer of traffic to Qrator IP, make the protected server unaccessible to all addresses except for Qrator IP listed as follows: https://client.qrator.net/qrator/faq/?page=fwconfig

Each month before day 20, we charge subscription fee for the next month, and before day 5, we charge payment for legitimate traffic passed in the previous month.

After an attack, a PDF report containing the attack details will be sent to your mail. The report will also be downloadable to personal account: https://client.qrator.net/qrator/reports/