Digioh runs in your site visitor’s browser as externally sourced JavaScript (not from your server). This means that any DDoS or bot activity targeted at Digioh cannot directly impact your site performance.

However, since Digioh connects and sends data to your database (ESP, CRM, etc), we have taken steps to ensure that you are protected from malicious or fraudulent activity such as:

• Attempting to fill your database with junk data
• Brute force discovery of valid email addresses in your system
• Attempts to overwhelm your ESP or CRM (DDoS)
• In cases where Digioh is powering a login form, attempt to guess a password by brute force

The first thing to note is that Digioh forms are powered by JavaScript, which makes them practically immune to “off the shelf” hacking tools and bots. An attacker would have to specifically reverse engineer the Digioh forms on your site and customize their attack. Typically, hackers just move on to an easier target.

That said, Digioh has the following protections against determined attacks:

• Cloudflare CDN-level IP Rate Limiting and Firewall. Cloudflare is the leading provider in DDoS mitigation.
• Digioh application-level IP Rate Limiting. This prevents any one computer from attacking your forms.
• Digioh application-level Box Rate Limiting. This prevents any single Box from submitting too frequently across all IPs. It will start blocking (for 30 minutes) if there are more than 100 submissions within any 10 second rolling window for a particular Box. Each new submission renews the 10 second rolling window.

Digioh support is alerted when any of these protections trigger and we will notify you immediately and take appropriate measures to protect your data.