DDOS PROTECTION
DDoS Protection Built Into the Network.
Your site is protected by one of the largest anti-DDoS systems in the hosting industry. Always on. No volume caps. No extra cost. Attacks are stopped at the network edge before they reach your server.
THE THREAT
Why DDoS Protection Matters for Every WordPress Site.
A distributed denial-of-service attack floods your server with traffic from thousands of coordinated sources, overwhelming the connection and taking your site offline. These attacks do not require your site to have a vulnerability. They simply drown it in traffic.
DDoS attacks are increasing in frequency and sophistication. They are used for extortion, competitive sabotage, political disruption, and sometimes just for sport. Any site with a public IP address is a potential target. For businesses that depend on their website for revenue, customer service, or reputation, even a few hours of downtime can have serious consequences.
Most managed WordPress hosts either ignore the problem entirely, offer limited protection that caps out at modest traffic volumes, or charge extra for DDoS mitigation as an add-on. WPCloud takes a different approach: infrastructure-level protection that is always on and included with every plan.
HOW IT WORKS
Network-Level Protection from OVH.
WPCloud’s primary infrastructure runs on OVH’s bare-metal servers in Montreal. Every server on OVH’s network is protected by their anti-DDoS infrastructure, which is one of the most capable systems in the industry.
Always-On Detection
OVH monitors traffic across its entire global network in real time. Hardware sensors at every point of presence analyse traffic patterns continuously. When anomalous traffic is detected, whether it is a volumetric flood, an amplification attack, or a protocol-level assault, the system responds automatically.
Automatic Scrubbing
When an attack is detected, traffic destined for the target IP is rerouted through OVH’s scrubbing centres. These centres use a technology OVH calls VAC, which combines high-throughput routers, edge network firewalls, and advanced filtering hardware to separate legitimate visitor traffic from attack traffic. Malicious packets are dropped. Clean traffic passes through to your server. Mitigation activates within seconds.
Massive Capacity
OVH’s network is built to absorb large-scale attacks without affecting other customers on the network. Their infrastructure is designed to handle attacks well beyond what most businesses will ever encounter. This is not a shared pool that degrades under load. The system is architected to maintain service quality even during active mitigation.
No Caps, No Limits, No Extra Charges
Protection stays active for the entire duration of an attack, regardless of how long it lasts or how much traffic is involved. There are no volume thresholds that trigger overage fees and no time limits that leave your site exposed after a set period. This protection is included with every WPCloud plan at no additional cost.
DEFENCE IN DEPTH
Two Layers. Complete Coverage.
DDoS protection at the network edge is the first layer. WPCloud adds a second layer at the server and application level.
Layer 1: Network Edge (OVH)
Handles volumetric attacks, protocol floods, amplification attacks, SYN floods, and other network-layer threats. These are the large-scale attacks designed to saturate your server’s connection. They are stopped at the data centre edge before they ever reach the server.
Layer 2: Server and Application (WPCloud)
Imunify360 provides real-time malware scanning and proactive threat response at the server level. The web application firewall blocks targeted application-layer attacks: SQL injection, cross-site scripting, brute-force login attempts, and known WordPress exploit patterns. CloudLinux isolation ensures that even if another account on the same physical server were targeted, your site’s resources are protected.
Together, these two layers cover the full spectrum of threats. Network attacks never reach the server. Application attacks never reach WordPress. Your site stays online and your visitors never notice a thing.
FOR ENTERPRISE
What Enterprise Clients Need to Know.
If you are evaluating hosting for an organisation with strict uptime requirements, here is what matters:
Protection is infrastructure-level, not application-level. Network-layer DDoS attacks are stopped at the data centre edge by purpose-built hardware. This is not a WordPress plugin or a CDN feature. It operates below the application stack entirely.
There is no shared mitigation pool. OVH’s system is designed so that mitigation for one customer does not degrade service for others. The network capacity is built for this.
No additional procurement. DDoS protection does not need to be purchased, configured, or enabled separately. It is active on every IP address from day one.
Canadian data residency is maintained. Traffic scrubbing happens within OVH’s infrastructure. Your data remains stored and served from Canadian data centres regardless of whether an attack is being mitigated.
WPCloud’s SOC team monitors 24/7. Our dedicated Security Operations Centre team based in North Bay, Ontario monitors security events around the clock. If an attack requires human attention beyond automated mitigation, the team is already on it.
Protected from Day One.
Every WPCloud plan includes infrastructure-level DDoS protection, application-layer security, and 24/7 monitoring by our Security Operations Centre. No add-ons. No extra cost.