{"id":3887,"date":"2026-01-01T15:37:00","date_gmt":"2026-01-01T12:37:00","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/kucuk-ve-orta-olcekli-siteler-icin-ddos-koruma-stratejileri\/"},"modified":"2026-01-01T15:37:00","modified_gmt":"2026-01-01T12:37:00","slug":"kucuk-ve-orta-olcekli-siteler-icin-ddos-koruma-stratejileri","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/kucuk-ve-orta-olcekli-siteler-icin-ddos-koruma-stratejileri\/","title":{"rendered":"K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in DDoS Koruma Stratejileri"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Kucuk_ve_Orta_Olcekli_Siteler_Icin_DDoS_Neden_Ciddi_Bir_Risk\"><span class=\"toc_number toc_depth_1\">1<\/span> K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in DDoS Neden Ciddi Bir Risk?<\/a><\/li><li><a href=\"#DDoS_Saldiri_Turlerini_Kisa_ve_Net_Anlamak\"><span class=\"toc_number toc_depth_1\">2<\/span> DDoS Sald\u0131r\u0131 T\u00fcrlerini K\u0131sa ve Net Anlamak<\/a><ul><li><a href=\"#L3L4_Saldirilari_Bant_Genisligi_ve_TCPUDP_Taskini\"><span class=\"toc_number toc_depth_2\">2.1<\/span> L3\/L4 Sald\u0131r\u0131lar\u0131: Bant Geni\u015fli\u011fi ve TCP\/UDP Ta\u015fk\u0131n\u0131<\/a><\/li><li><a href=\"#L7_Uygulama_Katmani_Saldirilari_WordPress_API_ve_Arama_Sayfalari\"><span class=\"toc_number toc_depth_2\">2.2<\/span> L7 (Uygulama Katman\u0131) Sald\u0131r\u0131lar\u0131: WordPress, API ve Arama Sayfalar\u0131<\/a><\/li><li><a href=\"#Hedefli_mi_Otomatik_mi\"><span class=\"toc_number toc_depth_2\">2.3<\/span> Hedefli mi, Otomatik mi?<\/a><\/li><\/ul><\/li><li><a href=\"#Neden_Cok_Katmanli_DDoS_Koruma_Sart\"><span class=\"toc_number toc_depth_1\">3<\/span> Neden \u00c7ok Katmanl\u0131 DDoS Koruma \u015eart?<\/a><\/li><li><a href=\"#Cloudflare_Katmaninda_Uygulanabilir_Ayarlar\"><span class=\"toc_number toc_depth_1\">4<\/span> Cloudflare Katman\u0131nda Uygulanabilir Ayarlar<\/a><ul><li><a href=\"#1_DNS_ve_Proxy_Yapilandirmasi\"><span class=\"toc_number toc_depth_2\">4.1<\/span> 1. DNS ve Proxy Yap\u0131land\u0131rmas\u0131<\/a><\/li><li><a href=\"#2_Security_Level_ve_Temel_Koruma_Modlari\"><span class=\"toc_number toc_depth_2\">4.2<\/span> 2. Security Level ve Temel Koruma Modlar\u0131<\/a><\/li><li><a href=\"#3_WAF_ve_Bot_Korumasi\"><span class=\"toc_number toc_depth_2\">4.3<\/span> 3. WAF ve Bot Korumas\u0131<\/a><\/li><li><a href=\"#4_Onbellekleme_Cache_ve_Edge_Seviyesinde_Hafifletme\"><span class=\"toc_number toc_depth_2\">4.4<\/span> 4. \u00d6nbellekleme (Cache) ve Edge Seviyesinde Hafifletme<\/a><\/li><\/ul><\/li><li><a href=\"#Rate_Limit_Stratejileri_Cloudflare_Sunucu_El_Ele\"><span class=\"toc_number toc_depth_1\">5<\/span> Rate Limit Stratejileri: Cloudflare + Sunucu El Ele<\/a><ul><li><a href=\"#1_Nerede_Rate_Limit_Uygulamalisiniz\"><span class=\"toc_number toc_depth_2\">5.1<\/span> 1. Nerede Rate Limit Uygulamal\u0131s\u0131n\u0131z?<\/a><\/li><li><a href=\"#2_Cloudflare_Rate_Limit_Ornegi_L7_Tarafi\"><span class=\"toc_number toc_depth_2\">5.2<\/span> 2. Cloudflare Rate Limit \u00d6rne\u011fi (L7 Taraf\u0131)<\/a><\/li><li><a href=\"#3_Nginx_Uzerinde_Basit_Rate_Limit_Ornegi\"><span class=\"toc_number toc_depth_2\">5.3<\/span> 3. Nginx \u00dczerinde Basit Rate Limit \u00d6rne\u011fi<\/a><\/li><li><a href=\"#4_Apache_mod_ratelimit_mod_evasive_ile_Yaklasim\"><span class=\"toc_number toc_depth_2\">5.4<\/span> 4. Apache (mod_ratelimit \/ mod_evasive) ile Yakla\u015f\u0131m<\/a><\/li><\/ul><\/li><li><a href=\"#Sunucu_ve_Isletim_Sistemi_Ayarlariyla_Dayanikliligi_Artirmak\"><span class=\"toc_number toc_depth_1\">6<\/span> Sunucu ve \u0130\u015fletim Sistemi Ayarlar\u0131yla Dayan\u0131kl\u0131l\u0131\u011f\u0131 Art\u0131rmak<\/a><ul><li><a href=\"#1_Firewall_ve_Temel_Ag_Sertlestirmesi\"><span class=\"toc_number toc_depth_2\">6.1<\/span> 1. Firewall ve Temel A\u011f Sertle\u015ftirmesi<\/a><\/li><li><a href=\"#2_Fail2ban_ile_Kaba_Kuvvet_ve_Basit_L7_DDoS_Denemelerini_Supurmek\"><span class=\"toc_number toc_depth_2\">6.2<\/span> 2. Fail2ban ile Kaba Kuvvet ve Basit L7 DDoS Denemelerini S\u00fcp\u00fcrmek<\/a><\/li><li><a href=\"#3_TCP_Stack_ve_Kaynak_Limitleri\"><span class=\"toc_number toc_depth_2\">6.3<\/span> 3. TCP Stack ve Kaynak Limitleri<\/a><\/li><li><a href=\"#4_PHP-FPM_Veritabani_ve_Uygulama_Kaynak_Sinirlari\"><span class=\"toc_number toc_depth_2\">6.4<\/span> 4. PHP-FPM, Veritaban\u0131 ve Uygulama Kaynak S\u0131n\u0131rlar\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#Olay_Aninda_Yol_Haritasi_DDoS_Saldirisi_Sirasinda_Ne_Yapmali\"><span class=\"toc_number toc_depth_1\">7<\/span> Olay An\u0131nda Yol Haritas\u0131: DDoS Sald\u0131r\u0131s\u0131 S\u0131ras\u0131nda Ne Yapmal\u0131?<\/a><\/li><li><a href=\"#DCHost_Altyapisinda_Ornek_Mimari_Onerileri\"><span class=\"toc_number toc_depth_1\">8<\/span> DCHost Altyap\u0131s\u0131nda \u00d6rnek Mimari \u00d6nerileri<\/a><ul><li><a href=\"#1_Kucuk_WordPress_Kurumsal_Site\"><span class=\"toc_number toc_depth_2\">8.1<\/span> 1. K\u00fc\u00e7\u00fck WordPress \/ Kurumsal Site<\/a><\/li><li><a href=\"#2_Orta_Trafikli_WooCommerce_Basit_SaaS\"><span class=\"toc_number toc_depth_2\">8.2<\/span> 2. Orta Trafikli WooCommerce \/ Basit SaaS<\/a><\/li><\/ul><\/li><li><a href=\"#Sonuc_DDoS_Korkusunu_Yonetilebilir_Bir_Risk_Haline_Getirmek\"><span class=\"toc_number toc_depth_1\">9<\/span> Sonu\u00e7: DDoS Korkusunu Y\u00f6netilebilir Bir Risk H\u00e2line Getirmek<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Kucuk_ve_Orta_Olcekli_Siteler_Icin_DDoS_Neden_Ciddi_Bir_Risk\">K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in DDoS Neden Ciddi Bir Risk?<\/span><\/h2>\n<p>K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli sitelerin b\u00fcy\u00fck markalara g\u00f6re daha az hedef olaca\u011f\u0131 d\u00fc\u015f\u00fcncesi art\u0131k ger\u00e7ek\u00e7i de\u011fil. E-ticaret siteleri, ajans portallar\u0131, SaaS panelleri, hatta basit kurumsal siteler bile; rekabet, politik motivasyonlar, otomatik bot a\u011flar\u0131 veya basit \u201ce\u011flence\u201d ama\u00e7l\u0131 sald\u0131r\u0131lar\u0131n hedefi h\u00e2line gelebiliyor. Kapasite analizi veya mimari tasar\u0131m toplant\u0131lar\u0131nda en \u00e7ok konu\u015ftu\u011fumuz konulardan biri, s\u0131n\u0131rl\u0131 b\u00fct\u00e7eyle <strong>DDoS riskini nas\u0131l y\u00f6netilebilir seviyeye indirece\u011finiz<\/strong> oluyor.<\/p>\n<p>\u0130yi haber \u015fu: K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli bir site i\u00e7in milyonlarca liral\u0131k g\u00fcvenlik yat\u0131r\u0131m\u0131 gerekmiyor. Do\u011fru CDN\/DNS katman\u0131 (\u00f6rne\u011fin Cloudflare), ak\u0131ll\u0131 <strong>rate limit<\/strong> politikalar\u0131 ve birka\u00e7 kritik <strong>sunucu ayar\u0131<\/strong> ile sald\u0131r\u0131lar\u0131n b\u00fcy\u00fck \u00e7o\u011funlu\u011funu etkisiz h\u00e2le getirmek m\u00fcmk\u00fcn. \u00dcstelik bunlar\u0131n \u00f6nemli bir k\u0131sm\u0131, do\u011fru kurguland\u0131\u011f\u0131nda sitenin performans\u0131n\u0131 da iyile\u015ftiriyor. Bu yaz\u0131da, DCHost ekibi olarak pratikte uygulad\u0131\u011f\u0131m\u0131z DDoS koruma stratejilerini; Cloudflare ayarlar\u0131, rate limit yakla\u015f\u0131mlar\u0131 ve sunucu taraf\u0131 optimizasyonlar\u0131 \u00fczerinden ad\u0131m ad\u0131m anlataca\u011f\u0131z.<\/p>\n<p>DDoS kavram\u0131na tamamen yabanc\u0131ysan\u0131z \u00f6nce <a href=\"https:\/\/www.dchost.com\/blog\/ddos-nedir-web-sitenizi-ddos-saldirilarindan-nasil-korursunuz\/\">DDoS nedir ve temel korunma y\u00f6ntemleri<\/a> yaz\u0131s\u0131na g\u00f6z atman\u0131z faydal\u0131 olur. Burada ise do\u011frudan <strong>uygulanabilir mimari ve ayarlara<\/strong> odaklanaca\u011f\u0131z.<\/p>\n<h2><span id=\"DDoS_Saldiri_Turlerini_Kisa_ve_Net_Anlamak\">DDoS Sald\u0131r\u0131 T\u00fcrlerini K\u0131sa ve Net Anlamak<\/span><\/h2>\n<p>Etkin bir savunma i\u00e7in \u00f6nce neye kar\u015f\u0131 m\u00fccadele etti\u011fimizi bilmemiz gerekiyor. K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli siteleri en \u00e7ok etkileyen 3 temel DDoS kategorisi var:<\/p>\n<h3><span id=\"L3L4_Saldirilari_Bant_Genisligi_ve_TCPUDP_Taskini\">L3\/L4 Sald\u0131r\u0131lar\u0131: Bant Geni\u015fli\u011fi ve TCP\/UDP Ta\u015fk\u0131n\u0131<\/span><\/h3>\n<p>Bu t\u00fcr sald\u0131r\u0131larda ama\u00e7, do\u011frudan a\u011f katman\u0131n\u0131 ve i\u015fletim sisteminin TCP\/UDP y\u0131\u011f\u0131n\u0131n\u0131 bo\u011fmak:<\/p>\n<ul>\n<li>Gigabit\u2019lerce UDP veya TCP SYN paketi g\u00f6nderilir.<\/li>\n<li>Hedef; router, firewall veya sunucunun network stack\u2019ini kilitlemektir.<\/li>\n<li>\u00c7o\u011fu zaman uygulama loglar\u0131nda anlaml\u0131 bir \u015fey g\u00f6remezsiniz; \u00e7\u00fcnk\u00fc trafik, web sunucusuna bile ula\u015fmadan a\u011f katman\u0131nda bo\u011far.<\/li>\n<\/ul>\n<p>K\u00fc\u00e7\u00fck sitelerin bu t\u00fcr sald\u0131r\u0131lara do\u011frudan, tek bir <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a> veya <a href=\"https:\/\/www.dchost.com\/tr\/fiziksel-sunucu\">dedicated sunucu<\/a> ile dayanmas\u0131 neredeyse imk\u00e2ns\u0131zd\u0131r. Bu y\u00fczden <strong>\u00f6n hatta bir CDN\/proxy (Cloudflare)<\/strong> koymak neredeyse zorunludur.<\/p>\n<h3><span id=\"L7_Uygulama_Katmani_Saldirilari_WordPress_API_ve_Arama_Sayfalari\">L7 (Uygulama Katman\u0131) Sald\u0131r\u0131lar\u0131: WordPress, API ve Arama Sayfalar\u0131<\/span><\/h3>\n<p>Uygulama katman\u0131 DDoS\u2019ta sald\u0131rgan, normal istekleri taklit eder:<\/p>\n<ul>\n<li>WordPress\u2019te <code>\/wp-login.php<\/code> veya a\u011f\u0131r sorgular i\u00e7eren arama\/filtreleme sayfalar\u0131 hedeflenir.<\/li>\n<li>API u\u00e7 noktalar\u0131na saniyede onlarca\/y\u00fczlerce istek at\u0131l\u0131r.<\/li>\n<li>Sunucunun CPU, RAM veya veritaban\u0131 kaynaklar\u0131 t\u00fcketilir.<\/li>\n<\/ul>\n<p>Bu sald\u0131r\u0131lar\u0131n tespiti zordur \u00e7\u00fcnk\u00fc istekler \u201cnormal HTTP trafi\u011fi\u201d gibi g\u00f6r\u00fcn\u00fcr. Burada <strong>Cloudflare WAF kurallar\u0131<\/strong>, <strong>rate limit politikalar\u0131<\/strong> ve <strong>web sunucusu (Nginx\/Apache) seviyesinde ek limitler<\/strong> kritik rol oynar.<\/p>\n<h3><span id=\"Hedefli_mi_Otomatik_mi\">Hedefli mi, Otomatik mi?<\/span><\/h3>\n<p>K\u00fc\u00e7\u00fck sitelerin \u00f6nemli k\u0131sm\u0131, asl\u0131nda tamamen hedefli sald\u0131r\u0131 alm\u0131yor; \u00e7o\u011fu, internette IP tarayan bot a\u011flar\u0131n\u0131n \u201crastgele\u201d sald\u0131r\u0131 dalgalar\u0131na maruz kal\u0131yor. Bu iyi bir haber, \u00e7\u00fcnk\u00fc <strong>iyi yap\u0131land\u0131r\u0131lm\u0131\u015f temel savunma<\/strong> bu dalgalar\u0131n b\u00fcy\u00fck b\u00f6l\u00fcm\u00fcn\u00fc s\u00fcp\u00fcrmeye yetiyor. Yani hedefiniz ilk a\u015famada \u201ckurumsal seviyede DDoS korumas\u0131\u201d de\u011fil, <strong>sa\u011flam bir temel barikat<\/strong> kurmak olmal\u0131.<\/p>\n<h2><span id=\"Neden_Cok_Katmanli_DDoS_Koruma_Sart\">Neden \u00c7ok Katmanl\u0131 DDoS Koruma \u015eart?<\/span><\/h2>\n<p>DDoS savunmas\u0131n\u0131 tek bir \u00fcr\u00fcn veya tek bir ayara emanet etmek risklidir. Sa\u011flam bir mimari en az \u00fc\u00e7 katman i\u00e7erir:<\/p>\n<ol>\n<li><strong>\u00d6n Hat (Cloudflare gibi ters proxy\/CDN):<\/strong> L3\/L4 trafi\u011fi ve kaba L7 sald\u0131r\u0131lar burada s\u00fcz\u00fcl\u00fcr.<\/li>\n<li><strong>Uygulama Katman\u0131 (WAF + Rate Limit):<\/strong> Spesifik URL\u2019lere veya pattern\u2019lere gelen sald\u0131r\u0131lar burada kesilir.<\/li>\n<li><strong>Sunucu ve OS Katman\u0131:<\/strong> TCP stack ayarlar\u0131, firewall, web sunucusu ve PHP-FPM limitleri, sald\u0131r\u0131 atlat\u0131rsa son savunmay\u0131 olu\u015fturur.<\/li>\n<\/ol>\n<p>DCHost taraf\u0131nda da k\u00fc\u00e7\u00fck bir WordPress blog ile yo\u011fun sipari\u015f alan bir WooCommerce ma\u011fazas\u0131na ayn\u0131 \u015fablonu \u00f6nermiyoruz. Ancak <strong>katmanl\u0131 koruma prensibi<\/strong> her \u00f6l\u00e7ekte ayn\u0131: Trafi\u011fi d\u0131\u015far\u0131da durdur, uygulamay\u0131 koru, sunucuyu bo\u011fulmadan y\u00f6net.<\/p>\n<h2><span id=\"Cloudflare_Katmaninda_Uygulanabilir_Ayarlar\">Cloudflare Katman\u0131nda Uygulanabilir Ayarlar<\/span><\/h2>\n<p>Bir\u00e7ok k\u00fc\u00e7\u00fck\/orta \u00f6l\u00e7ekli site i\u00e7in <strong>ilk ve en etkili ad\u0131m<\/strong>, DNS\u2019i Cloudflare\u2019e ta\u015f\u0131y\u0131p trafi\u011fi proxy\u2019den ge\u00e7irmek oluyor. Ancak sadece \u201cturuncu bulut\u201d a\u00e7mak yetmez; birka\u00e7 \u00f6nemli ayar\u0131 netle\u015ftirelim.<\/p>\n<h3><span id=\"1_DNS_ve_Proxy_Yapilandirmasi\">1. DNS ve Proxy Yap\u0131land\u0131rmas\u0131<\/span><\/h3>\n<ul>\n<li>Site i\u00e7in kulland\u0131\u011f\u0131n\u0131z <code>A<\/code> veya <code>AAAA<\/code> kay\u0131tlar\u0131n\u0131n <strong>proxied (turuncu bulut)<\/strong> oldu\u011fundan emin olun.<\/li>\n<li>Ger\u00e7ek sunucu IP\u2019nizi sadece gerekli servisler (\u00f6rn. SMTP) i\u00e7in a\u00e7\u0131k b\u0131rak\u0131n; web trafi\u011fini her zaman proxy \u00fczerinden ge\u00e7irin.<\/li>\n<li>M\u00fcmk\u00fcnse y\u00f6netim paneline (\u00f6rn. <code>panel.ornek.com<\/code>) ayr\u0131 subdomain a\u00e7\u0131p <strong>proxy kapal\u0131 (gri bulut)<\/strong> ama IP eri\u015fimini firewalld\/iptables ile IP k\u0131s\u0131tlamal\u0131 y\u00f6netin.<\/li>\n<\/ul>\n<p>Cloudflare DNS ve hosting DNS tercihleri aras\u0131nda karars\u0131zsan\u0131z, <a href=\"https:\/\/www.dchost.com\/blog\/cloudflare-dns-mi-hosting-dnsi-mi-en-dogru-nameserver-stratejisi\/\">en do\u011fru nameserver stratejisini anlatt\u0131\u011f\u0131m\u0131z rehbere<\/a> g\u00f6z atabilirsiniz.<\/p>\n<h3><span id=\"2_Security_Level_ve_Temel_Koruma_Modlari\">2. Security Level ve Temel Koruma Modlar\u0131<\/span><\/h3>\n<p>Cloudflare <strong>Security Level<\/strong> ayar\u0131, hangi visitor profiline ne kadar kat\u0131 davranaca\u011f\u0131n\u0131 belirler:<\/p>\n<ul>\n<li><strong>Medium:<\/strong> \u00c7o\u011fu k\u00fc\u00e7\u00fck site i\u00e7in dengeli bir varsay\u0131lan seviyedir.<\/li>\n<li><strong>High \/ Under Attack:<\/strong> Devam eden bir sald\u0131r\u0131 veya \u00e7ok yo\u011fun bot trafi\u011fi oldu\u011funda ge\u00e7ici olarak kullan\u0131l\u0131r.<\/li>\n<\/ul>\n<p>\u00d6nerimiz, normal zamanda <strong>Medium<\/strong> veya sitenizin do\u011fas\u0131na g\u00f6re <strong>High<\/strong> kullanman\u0131z; sald\u0131r\u0131 an\u0131nda ise k\u0131sa s\u00fcreli\u011fine <strong>Under Attack Mode<\/strong> aktif etmeniz. Bu mod, yeni gelen ziyaret\u00e7ilere JavaScript tabanl\u0131 bir do\u011frulama sayfas\u0131 g\u00f6sterir ve kaba botlar\u0131 epey temizler.<\/p>\n<h3><span id=\"3_WAF_ve_Bot_Korumasi\">3. WAF ve Bot Korumas\u0131<\/span><\/h3>\n<p>E\u011fer plan\u0131n\u0131z destekliyorsa Cloudflare WAF kurallar\u0131n\u0131 aktif etmek, L7 DDoS ve k\u00f6t\u00fc ama\u00e7l\u0131 botlara kar\u015f\u0131 ciddi avantaj sa\u011flar:<\/p>\n<ul>\n<li>WordPress kurulumlar\u0131 i\u00e7in <code>\/wp-login.php<\/code> ve <code>\/xmlrpc.php<\/code> adreslerine \u00f6zel kurallar olu\u015fturun.<\/li>\n<li>\u00d6deme, sepet ve kritik API yollar\u0131n\u0131 daha s\u0131k\u0131 kurallarla koruyun.<\/li>\n<li>\u00dclke bazl\u0131 (country-based) bloklama veya k\u0131s\u0131tlama gerekirse WAF \u00fczerinden uygulay\u0131n.<\/li>\n<\/ul>\n<p>Cloudflare taraf\u0131ndaki WAF ve bot ayarlar\u0131n\u0131 detayl\u0131 ele ald\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/cloudflare-guvenlik-ayarlari-rehberi-kucuk-isletme-siteleri-icin-waf-rate-limit-ve-bot-korumasi\/\">Cloudflare g\u00fcvenlik ayarlar\u0131 rehberi<\/a> ile bu b\u00f6l\u00fcmdeki ad\u0131mlar\u0131 daha da derinle\u015ftirebilirsiniz.<\/p>\n<h3><span id=\"4_Onbellekleme_Cache_ve_Edge_Seviyesinde_Hafifletme\">4. \u00d6nbellekleme (Cache) ve Edge Seviyesinde Hafifletme<\/span><\/h3>\n<p>\u0130yi yap\u0131land\u0131r\u0131lm\u0131\u015f bir \u00f6nbellek politikas\u0131, DDoS s\u0131ras\u0131nda da hayat kurtar\u0131r:<\/p>\n<ul>\n<li>Statik i\u00e7erikleri (CSS, JS, g\u00f6rseller) uzun s\u00fcreli cache\u2019leyin.<\/li>\n<li>WordPress gibi sitelerde statik sayfalar i\u00e7in cache s\u00fcresini art\u0131rarak origin \u00fczerindeki y\u00fck\u00fc d\u00fc\u015f\u00fcr\u00fcn.<\/li>\n<li>\u201cCache Everything\u201d kural\u0131n\u0131 sadece giri\u015f yap\u0131lmayan, tamamen statik sayfalar i\u00e7in uygulay\u0131n; admin, sepet, \u00f6deme sayfalar\u0131 gibi ki\u015fisel alanlar\u0131 hari\u00e7 tutun.<\/li>\n<\/ul>\n<p>Cloudflare \u00f6nbellekleme, site h\u0131z\u0131n\u0131z\u0131 iyile\u015ftirirken DDoS s\u0131ras\u0131nda sunucuya gelen <strong>ger\u00e7ek istek say\u0131s\u0131n\u0131 dramatik bi\u00e7imde azalt\u0131r<\/strong>. Bu da rate limit ve sunucu ayarlar\u0131n\u0131n i\u015fini kolayla\u015ft\u0131r\u0131r.<\/p>\n<h2><span id=\"Rate_Limit_Stratejileri_Cloudflare_Sunucu_El_Ele\">Rate Limit Stratejileri: Cloudflare + Sunucu El Ele<\/span><\/h2>\n<p>DDoS sald\u0131r\u0131lar\u0131nda sadece \u201ctoplam trafik\u201d de\u011fil, <strong>bir IP\u2019nin belirli bir endpoint\u2019e ka\u00e7 istekte bulundu\u011fu<\/strong> da \u00f6nemli bir g\u00f6stergedir. \u0130\u015fte burada rate limit devreye girer. Ama\u00e7, ger\u00e7ek kullan\u0131c\u0131y\u0131 rahats\u0131z etmeden, anormal istek patlamalar\u0131n\u0131 t\u00f6rp\u00fclemektir.<\/p>\n<h3><span id=\"1_Nerede_Rate_Limit_Uygulamalisiniz\">1. Nerede Rate Limit Uygulamal\u0131s\u0131n\u0131z?<\/span><\/h3>\n<p>K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli sitelerde kritik noktalar genelde \u015funlard\u0131r:<\/p>\n<ul>\n<li><strong>Giri\u015f sayfalar\u0131:<\/strong> <code>\/wp-login.php<\/code>, <code>\/admin<\/code>, \u00f6zel login endpoint\u2019leriniz.<\/li>\n<li><strong>Yo\u011fun sorgulu sayfalar:<\/strong> Arama, filtreleme, rapor ekranlar\u0131.<\/li>\n<li><strong>API u\u00e7 noktalar\u0131:<\/strong> \u00d6zellikle \u201cwrite\u201d yapan veya pahal\u0131 i\u015flemler tetikleyen endpoint\u2019ler.<\/li>\n<\/ul>\n<p>Bu noktalara hem Cloudflare taraf\u0131nda hem de web sunucusunda farkl\u0131 e\u015fiklerle rate limit koymak, \u00e7ok iyi sonu\u00e7 verir. API ve mikroservisler i\u00e7in daha geli\u015fmi\u015f stratejilerle ilgileniyorsan\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/api-ve-mikroservisler-icin-rate-limiting-stratejileri-nginx-cloudflare-ve-redis-ile-trafik-kontrolu\/\">Nginx, Cloudflare ve Redis ile rate limiting rehberimize<\/a> mutlaka g\u00f6z at\u0131n.<\/p>\n<h3><span id=\"2_Cloudflare_Rate_Limit_Ornegi_L7_Tarafi\">2. Cloudflare Rate Limit \u00d6rne\u011fi (L7 Taraf\u0131)<\/span><\/h3>\n<p>Cloudflare taraf\u0131nda tipik bir WordPress sitesi i\u00e7in \u015fu mant\u0131k g\u00fcvenli bir ba\u015flang\u0131\u00e7t\u0131r:<\/p>\n<ul>\n<li><code>\/wp-login.php<\/code> i\u00e7in: Ayn\u0131 IP\u2019den 1 dakika i\u00e7inde 10\u2019dan fazla istek geliyorsa 5 dakika blok + Captcha.<\/li>\n<li>API i\u00e7in: IP ba\u015f\u0131na 1 saniyede 5\u201310 istekten fazlas\u0131n\u0131 s\u0131n\u0131rlamak.<\/li>\n<\/ul>\n<p>Hassas endpoint\u2019lerde e\u015fikleri d\u00fc\u015f\u00fck, genel API veya listeleme sayfalar\u0131nda ise biraz daha y\u00fcksek tutabilirsiniz. \u0130lk haftalarda loglar\u0131 inceleyip ger\u00e7ek kullan\u0131c\u0131 davran\u0131\u015f\u0131na g\u00f6re e\u015fikleri ayarlamak iyi bir pratiktir.<\/p>\n<h3><span id=\"3_Nginx_Uzerinde_Basit_Rate_Limit_Ornegi\">3. Nginx \u00dczerinde Basit Rate Limit \u00d6rne\u011fi<\/span><\/h3>\n<p>Origin sunucu taraf\u0131nda Nginx kullan\u0131yorsan\u0131z, <code>limit_req<\/code> direktifi ile basit ama etkili bir ikinci katman olu\u015fturabilirsiniz:<\/p>\n<pre class=\"language-nginx line-numbers\"><code class=\"language-nginx\">http {\n    limit_req_zone $binary_remote_addr zone=login_zone:10m rate=10r\/m;\n\n    server {\n        location = \/wp-login.php {\n            limit_req zone=login_zone burst=20 nodelay;\n            include fastcgi_params;\n            # PHP-FPM ayarlar\u0131...\n        }\n    }\n}\n<\/code><\/pre>\n<p>Bu \u00f6rnek, login endpoint\u2019ine IP ba\u015f\u0131na dakikada 10 istek h\u0131z\u0131nda izin verir, anl\u0131k patlamalara (burst=20) m\u00fcsaade eder ama bunun \u00f6tesini s\u0131n\u0131rlar. Cloudflare taraf\u0131ndaki kurallarla birlikte \u00e7al\u0131\u015ft\u0131\u011f\u0131nda, bot\u2019lar\u0131n i\u015fi olduk\u00e7a zorla\u015f\u0131r.<\/p>\n<h3><span id=\"4_Apache_mod_ratelimit_mod_evasive_ile_Yaklasim\">4. Apache (mod_ratelimit \/ mod_evasive) ile Yakla\u015f\u0131m<\/span><\/h3>\n<p>Apache taraf\u0131nda da <code>mod_evasive<\/code> ve benzeri mod\u00fcllerle benzer bir koruma kurabilirsiniz. Temel fikir ayn\u0131:<\/p>\n<ul>\n<li>K\u0131sa s\u00fcrede \u00e7ok fazla istek atan IP\u2019yi ge\u00e7ici olarak engelle.<\/li>\n<li>Belirli URL pattern\u2019lerini daha s\u0131k\u0131 koru.<\/li>\n<li>Loglar\u0131 izleyerek e\u015fikleri ger\u00e7ek kullan\u0131ma g\u00f6re optimize et.<\/li>\n<\/ul>\n<p>\u00d6nemli nokta, rate limit stratejisini \u201ckullan\u0131c\u0131y\u0131 rahats\u0131z etmeyen ama bot\u2019u bezdiren\u201d noktaya getirmektir. Bu y\u00fczden ilk konfig\u00fcrasyondan sonra mutlaka birka\u00e7 g\u00fcn log analizi yap\u0131n.<\/p>\n<h2><span id=\"Sunucu_ve_Isletim_Sistemi_Ayarlariyla_Dayanikliligi_Artirmak\">Sunucu ve \u0130\u015fletim Sistemi Ayarlar\u0131yla Dayan\u0131kl\u0131l\u0131\u011f\u0131 Art\u0131rmak<\/span><\/h2>\n<p>Cloudflare ve rate limit katman\u0131 d\u00fczg\u00fcn olsa bile, sald\u0131r\u0131n\u0131n bir k\u0131sm\u0131 sunucunuza ula\u015fabilir. Burada ama\u00e7, sunucunun \u201cg\u00fczelce yava\u015flamas\u0131\u201d de\u011fil, <strong>kararl\u0131 kalmas\u0131<\/strong>d\u0131r. Yani sald\u0131r\u0131 olsa bile SSH, monitoring ve temel servisler \u00e7al\u0131\u015fmaya devam etmeli.<\/p>\n<h3><span id=\"1_Firewall_ve_Temel_Ag_Sertlestirmesi\">1. Firewall ve Temel A\u011f Sertle\u015ftirmesi<\/span><\/h3>\n<p>Linux tabanl\u0131 VPS veya dedicated sunucularda ilk ad\u0131m her zaman <strong>g\u00fcvenlik duvar\u0131 kurallar\u0131<\/strong>d\u0131r:<\/p>\n<ul>\n<li>Gereksiz t\u00fcm portlar\u0131 kapat\u0131n, sadece HTTP\/HTTPS, SSH ve ger\u00e7ekten gereken servisleri a\u00e7\u0131k b\u0131rak\u0131n.<\/li>\n<li>SSH i\u00e7in IP k\u0131s\u0131tlamas\u0131 veya VPN (WireGuard vb.) arkas\u0131ndan eri\u015fim kullan\u0131n.<\/li>\n<li>TCP SYN flood gibi sald\u0131r\u0131lara kar\u015f\u0131 basit <code>iptables<\/code>\/<code>nftables<\/code> kurallar\u0131yla ba\u011flant\u0131 say\u0131lar\u0131n\u0131 s\u0131n\u0131rlay\u0131n.<\/li>\n<\/ul>\n<p>G\u00fcvenlik duvar\u0131 taraf\u0131n\u0131 ad\u0131m ad\u0131m kurmak istiyorsan\u0131z, <a href=\"https:\/\/www.dchost.com\/blog\/vps-sunucularda-guvenlik-duvari-yapilandirma-ufw-firewalld-ve-iptables\/\">VPS\u2019te ufw, firewalld ve iptables ile firewall yap\u0131land\u0131rma rehberimizi<\/a> referans alabilirsiniz.<\/p>\n<h3><span id=\"2_Fail2ban_ile_Kaba_Kuvvet_ve_Basit_L7_DDoS_Denemelerini_Supurmek\">2. Fail2ban ile Kaba Kuvvet ve Basit L7 DDoS Denemelerini S\u00fcp\u00fcrmek<\/span><\/h3>\n<p><strong>fail2ban<\/strong>, log dosyalar\u0131n\u0131z\u0131 izleyip \u015f\u00fcpheli IP\u2019leri otomatik olarak engelleyen hafif bir ara\u00e7t\u0131r. \u00d6zellikle \u015fu alanlarda \u00e7ok i\u015f g\u00f6r\u00fcr:<\/p>\n<ul>\n<li>SSH brute-force sald\u0131r\u0131lar\u0131.<\/li>\n<li>Apache\/Nginx error log\u2019lar\u0131nda yo\u011fun 404, 403 veya login denemeleri.<\/li>\n<li>\u00d6zel uygulama log\u2019lar\u0131nda belirli pattern\u2019ler (\u00f6rne\u011fin hatal\u0131 token, \u00e7ok s\u0131k istek).<\/li>\n<\/ul>\n<p>WordPress \u00f6rne\u011finde <code>\/wp-login.php<\/code> i\u00e7in hem Cloudflare rate limit hem de Nginx <code>limit_req<\/code> kulland\u0131\u011f\u0131n\u0131zda, aradan s\u0131zan agresif IP\u2019leri fail2ban ile tamamen d\u00fc\u015f\u00fcrebilirsiniz. Daha geni\u015f perspektiften bakmak i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/waf-ve-bot-korumasi-cloudflare-modsecurity-ve-fail2bani-ayni-masada-baristirmanin-sicacik-hikayesi\/\">Cloudflare, ModSecurity ve fail2ban\u2019\u0131 birlikte kulland\u0131\u011f\u0131m\u0131z WAF ve bot korumas\u0131 rehberine<\/a> g\u00f6z atman\u0131z\u0131 \u00f6neririz.<\/p>\n<h3><span id=\"3_TCP_Stack_ve_Kaynak_Limitleri\">3. TCP Stack ve Kaynak Limitleri<\/span><\/h3>\n<p>Yo\u011fun ba\u011flant\u0131 alt\u0131nda Linux\u2019un daha dayan\u0131kl\u0131 davranmas\u0131 i\u00e7in baz\u0131 <code>sysctl<\/code> ayarlar\u0131n\u0131 optimize etmek gerekebilir. \u00d6rne\u011fin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">net.core.somaxconn = 4096\nnet.ipv4.tcp_max_syn_backlog = 4096\nnet.ipv4.tcp_syncookies = 1\nnet.ipv4.tcp_fin_timeout = 15\n<\/code><\/pre>\n<p>Bu t\u00fcr ayarlar:<\/p>\n<ul>\n<li>Daha fazla bekleyen ba\u011flant\u0131y\u0131 d\u00fczg\u00fcnce s\u0131raya alman\u0131za,<\/li>\n<li>SYN flood sald\u0131r\u0131lar\u0131na kar\u015f\u0131 daha diren\u00e7li olman\u0131za,<\/li>\n<li>Zombi ba\u011flant\u0131lar\u0131n daha h\u0131zl\u0131 temizlenmesine<\/li>\n<\/ul>\n<p>yard\u0131mc\u0131 olur. Elbette her sunucu i\u00e7in tek bir \u201cm\u00fckemmel ayar\u201d yok; CPU, RAM ve i\u015f y\u00fck\u00fcne g\u00f6re ince ayar yapmak gerekir.<\/p>\n<h3><span id=\"4_PHP-FPM_Veritabani_ve_Uygulama_Kaynak_Sinirlari\">4. PHP-FPM, Veritaban\u0131 ve Uygulama Kaynak S\u0131n\u0131rlar\u0131<\/span><\/h3>\n<p>DDoS s\u0131ras\u0131nda en s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz problem: T\u00fcm PHP-FPM \u00e7ocuk s\u00fcre\u00e7leri dolup yeni isteklerin kuyrukta patlamas\u0131, ard\u0131ndan veritaban\u0131n\u0131n da bo\u011fulmas\u0131. Bunu \u00f6nlemek i\u00e7in:<\/p>\n<ul>\n<li><strong>PHP-FPM:<\/strong> <code>pm.max_children<\/code>, <code>pm.max_requests<\/code> de\u011ferlerini sitenin normal trafi\u011fine g\u00f6re hesaplay\u0131n; a\u015f\u0131r\u0131 iyimser davranmay\u0131n.<\/li>\n<li><strong>Veritaban\u0131:<\/strong> Maksimum ba\u011flant\u0131 say\u0131s\u0131n\u0131 (max_connections) s\u0131n\u0131rland\u0131r\u0131n, PHP taraf\u0131nda connection pool veya yeniden kullan\u0131m stratejisi uygulay\u0131n.<\/li>\n<li><strong>Uygulama:<\/strong> \u00c7ok pahal\u0131 sorgulara (\u00f6zellikle arama\/filtre) sayfa ba\u015f\u0131na limit ve basit cache mekanizmalar\u0131 ekleyin.<\/li>\n<\/ul>\n<p>DCHost olarak optimizasyon taleplerinde ilk bakt\u0131\u011f\u0131m\u0131z \u015feylerden biri, uygulama ve veritaban\u0131 taraf\u0131ndaki bu limitlerin ger\u00e7ek\u00e7i olup olmad\u0131\u011f\u0131. G\u00fc\u00e7l\u00fc bir sunucu bile yanl\u0131\u015f limitler y\u00fcz\u00fcnden DDoS etkisinde \u00e7ok k\u0131r\u0131lganla\u015fabiliyor.<\/p>\n<h2><span id=\"Olay_Aninda_Yol_Haritasi_DDoS_Saldirisi_Sirasinda_Ne_Yapmali\">Olay An\u0131nda Yol Haritas\u0131: DDoS Sald\u0131r\u0131s\u0131 S\u0131ras\u0131nda Ne Yapmal\u0131?<\/span><\/h2>\n<p>Her koruma katman\u0131na ra\u011fmen sald\u0131r\u0131 alman\u0131z m\u00fcmk\u00fcn. \u00d6nemli olan, o anda ne yapaca\u011f\u0131n\u0131z\u0131 \u00f6nceden planlam\u0131\u015f olman\u0131z. K\u00fc\u00e7\u00fck\/orta \u00f6l\u00e7ekli siteler i\u00e7in pratik bir kontrol listesi:<\/p>\n<ul>\n<li><strong>1. Durumu do\u011frulay\u0131n:<\/strong> Sunucu kaynaklar\u0131n\u0131, HTTP hata oranlar\u0131n\u0131 ve Cloudflare analytics verilerini kontrol edin.<\/li>\n<li><strong>2. Cloudflare modunu y\u00fckseltin:<\/strong> Ge\u00e7ici olarak <em>Under Attack<\/em> moduna al\u0131n, Security Level\u2019i art\u0131r\u0131n.<\/li>\n<li><strong>3. Hedeflenen URL\u2019leri tespit edin:<\/strong> Loglardan en \u00e7ok istek alan yol ve IP\u2019leri \u00e7\u0131kar\u0131n; gerekiyorsa ekstra rate limit ve WAF kural\u0131 tan\u0131mlay\u0131n.<\/li>\n<li><strong>4. Sunucudaki servislere nefes ald\u0131r\u0131n:<\/strong> Gereksiz arka plan i\u015fleri, cron\u2019lar veya yo\u011fun raporlamalar\u0131 ge\u00e7ici olarak durdurun.<\/li>\n<li><strong>5. \u0130leti\u015fim:<\/strong> Ekip i\u00e7i ve m\u00fc\u015fteri ileti\u015fimini (durum sayfas\u0131, e-posta) net tutun; \u201cg\u00fcncel durum\u201d bilgisini payla\u015f\u0131n.<\/li>\n<\/ul>\n<p>Daha kurumsal yap\u0131larda bu listeyi bir <strong>incident runbook<\/strong> h\u00e2line getirip belirli periyotlarda tatbikat yap\u0131lmas\u0131n\u0131 \u00f6neriyoruz. K\u00fc\u00e7\u00fck projelerde bile en az\u0131ndan bir \u201cDDoS s\u0131ras\u0131nda ilk 30 dakika plan\u0131\u201d yaz\u0131l\u0131 olmal\u0131.<\/p>\n<h2><span id=\"DCHost_Altyapisinda_Ornek_Mimari_Onerileri\">DCHost Altyap\u0131s\u0131nda \u00d6rnek Mimari \u00d6nerileri<\/span><\/h2>\n<p>DCHost taraf\u0131nda k\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli m\u00fc\u015fteriler i\u00e7in s\u0131k \u00f6nerdi\u011fimiz birka\u00e7 pratik mimari var:<\/p>\n<h3><span id=\"1_Kucuk_WordPress_Kurumsal_Site\">1. K\u00fc\u00e7\u00fck WordPress \/ Kurumsal Site<\/span><\/h3>\n<ul>\n<li>1 adet DCHost VPS (CPU\/RAM sitenin trafi\u011fine g\u00f6re boyutland\u0131r\u0131lm\u0131\u015f).<\/li>\n<li>Cloudflare DNS + proxy aktif.<\/li>\n<li>Cloudflare\u2019de temel WAF kurallar\u0131 + <code>\/wp-login.php<\/code> ve <code>\/xmlrpc.php<\/code> i\u00e7in rate limit.<\/li>\n<li>Sunucuda ufw\/iptables ile temel firewall, fail2ban ile SSH ve Nginx log takibi.<\/li>\n<li>Nginx \u00fczerinde login ve admin URL\u2019leri i\u00e7in <code>limit_req<\/code> kural\u0131.<\/li>\n<\/ul>\n<h3><span id=\"2_Orta_Trafikli_WooCommerce_Basit_SaaS\">2. Orta Trafikli WooCommerce \/ Basit SaaS<\/span><\/h3>\n<ul>\n<li>Uygulama ve veritaban\u0131n\u0131 ayr\u0131 DCHost VPS\u2019lere b\u00f6lmek (\u00f6zellikle veritaban\u0131 i\u00e7in ayr\u0131 kaynak ay\u0131rmak).<\/li>\n<li>Cloudflare taraf\u0131nda daha agresif \u00f6nbellekleme (\u00fcr\u00fcn listeleri, blog, statik sayfalar i\u00e7in uzun cache).<\/li>\n<li>Kritik API ve \u00f6deme ad\u0131mlar\u0131 i\u00e7in \u00f6zel WAF kurallar\u0131 ve daha s\u0131k\u0131 rate limit.<\/li>\n<li>Sunucu taraf\u0131nda PHP-FPM, MySQL\/PostgreSQL ve TCP stack i\u00e7in dikkatli tuning.<\/li>\n<li>Log analizi ve basit izleme (Uptime, response time, hata oran\u0131) ile anormallikleri h\u0131zl\u0131 fark etmek.<\/li>\n<\/ul>\n<p>Daha ileri seviye ihtiya\u00e7larda dedicated sunucu veya <strong>colocation<\/strong> ile \u00f6zel a\u011f\/filtreleme kurulumlar\u0131 da m\u00fcmk\u00fcn. Ancak \u00e7o\u011fu KOB\u0130 ve ajans i\u00e7in, iyi yap\u0131land\u0131r\u0131lm\u0131\u015f bir DCHost VPS mimarisi + Cloudflare katman\u0131, hem b\u00fct\u00e7e dostu hem de olduk\u00e7a dayan\u0131kl\u0131 bir \u00e7\u00f6z\u00fcm sunuyor.<\/p>\n<h2><span id=\"Sonuc_DDoS_Korkusunu_Yonetilebilir_Bir_Risk_Haline_Getirmek\">Sonu\u00e7: DDoS Korkusunu Y\u00f6netilebilir Bir Risk H\u00e2line Getirmek<\/span><\/h2>\n<p>DDoS\u2019u tamamen yok etmek m\u00fcmk\u00fcn de\u011fil; ama <strong>y\u00f6netilebilir ve kabul edilebilir bir risk seviyesine indirmek<\/strong> kesinlikle m\u00fcmk\u00fcn. \u00d6zellikle k\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli siteler i\u00e7in ama\u00e7, milyonlarca liral\u0131k donan\u0131mlar almak de\u011fil, ak\u0131ll\u0131 ve katmanl\u0131 bir mimari kurmak olmal\u0131. Bu yaz\u0131da \u00f6zetledi\u011fimiz gibi:<\/p>\n<ul>\n<li>Cloudflare proxy + WAF + rate limit ile trafi\u011fi m\u00fcmk\u00fcn oldu\u011funca <strong>edge\u2019te temizleyin<\/strong>.<\/li>\n<li>Uygulama taraf\u0131nda login, arama, API gibi pahal\u0131 endpoint\u2019leri \u00f6zel korumaya al\u0131n.<\/li>\n<li>Sunucu ve i\u015fletim sistemi ayarlar\u0131yla; firewall, TCP stack, PHP-FPM ve veritaban\u0131n\u0131 ger\u00e7ek\u00e7i limitlerle sertle\u015ftirin.<\/li>\n<li>Olay an\u0131nda ne yapaca\u011f\u0131n\u0131z\u0131 \u00f6nceden yaz\u0131n; log, izleme ve ileti\u015fim kanallar\u0131n\u0131z\u0131 haz\u0131r tutun.<\/li>\n<\/ul>\n<p>E\u011fer \u201cBizim sitede ne kadar\u0131na ger\u00e7ekten ihtiyac\u0131m\u0131z var?\u201d diye d\u00fc\u015f\u00fcn\u00fcyorsan\u0131z, mevcut mimarinizi birlikte g\u00f6zden ge\u00e7irmek i\u00e7in DCHost ekibiyle ileti\u015fime ge\u00e7ebilirsiniz. Trafik profiliniz, kulland\u0131\u011f\u0131n\u0131z yaz\u0131l\u0131m (WordPress, Laravel, \u00f6zel PHP, Node.js vb.) ve b\u00fct\u00e7eniz \u00fczerinden; do\u011fru boyutland\u0131r\u0131lm\u0131\u015f bir DCHost VPS veya dedicated sunucu ile size \u00f6zel <strong>DDoS koruma plan\u0131<\/strong> \u00e7\u0131karmak m\u00fcmk\u00fcn. B\u00f6ylece bir sonraki sald\u0131r\u0131 haberi geldi\u011finde panik yapmak yerine, sadece dashboard\u2019lar\u0131 sakin sakin izlersiniz.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in DDoS Neden Ciddi Bir Risk?2 DDoS Sald\u0131r\u0131 T\u00fcrlerini K\u0131sa ve Net Anlamak2.1 L3\/L4 Sald\u0131r\u0131lar\u0131: Bant Geni\u015fli\u011fi ve TCP\/UDP Ta\u015fk\u0131n\u01312.2 L7 (Uygulama Katman\u0131) Sald\u0131r\u0131lar\u0131: WordPress, API ve Arama Sayfalar\u01312.3 Hedefli mi, Otomatik mi?3 Neden \u00c7ok Katmanl\u0131 DDoS Koruma \u015eart?4 Cloudflare Katman\u0131nda Uygulanabilir Ayarlar4.1 1. DNS ve Proxy Yap\u0131land\u0131rmas\u01314.2 2. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3888,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-3887","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3887","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=3887"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3887\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/3888"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=3887"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=3887"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=3887"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}