Detection, Mitigation & Response

Detect and mitigate DDoS attacks in under 1 second, respond automatically, and keep your users informed.

All features →
1-Second Detection
Know the instant traffic spikes. PPS checked every second.
Attack Classification
Identifies 8 attack types with protocol-level confidence scores.
Node Firewall Rules
Per-server iptables, null-routes, CDN rules & scripts.
Cloud Scrubbing
Auto-divert to Cloudflare, OVH, or Hetzner on attack detection.
BGP Mitigation
Auto-deploy FlowSpec, RTBH blackhole & rate-limiting via BGP.
Multi-Channel Alerts
Discord, Slack, PagerDuty, OpsGenie, SMS, email, webhooks.
IOC Pattern Matching
Identify Mirai, LOIC & botnets via payload-level indicator matching.
PCAP Capture
Full packet capture with AI-powered forensic analysis.
Status Pages
Auto-updated public incident pages for your users.
Real-Time Analytics Dynamic Baselines Threat Intel Multi-Node Maintenance Audit Log
Learn
Documentation Quick Start API Reference Agent Setup DDoS Protection Landscape Free Certifications NEW
Popular Guides
memcached Amplification Dynamic Baselines PCAP Forensics PagerDuty Setup
Company
About Us Partners White Label Referral Program Pay with Crypto System Status
Legal & Support
Contact Us Terms Privacy SLA
Who Uses Flowtriq

From indie hosts to ISPs — see how teams like yours use Flowtriq to detect and stop DDoS attacks.

Talk to Us →
Infrastructure
Hosting Providers ISPs MSPs Small Operators
Gaming
Game Server Hosting Game Studios
Business
SaaS Platforms E-Commerce Financial Services
Docs/Authentication

Authentication

Flowtriq uses two authentication methods depending on the client type.

Deploy Token (Automated Node Provisioning)

Generate a deploy token in Settings → Workspace to programmatically register nodes. Pass it as a Bearer token:

Authorization: Bearer your-64-char-hex-deploy-token

The deploy token is used with the mass deployment API (POST /api/deploy) to register nodes and retrieve their API keys. See the mass deployment guide for full details.

API Key (Agent Authentication)

Each node gets a unique API key when created (either through the dashboard or via the deploy API). The FTAgent uses this key to authenticate with the Flowtriq backend:

Authorization: Bearer node-api-key-here X-Node-UUID: node-uuid-here

The agent sends both headers on every request to https://flowtriq.com/api/v1/agent/* endpoints (metrics, heartbeats, incidents, PCAP uploads). API keys are stored in /etc/ftagent/config.json (chmod 600).

Agent API keys are per-node secrets. Never expose them in client-side code, version control, or logs.

Dashboard Authentication

Dashboard users authenticate via email and password at flowtriq.com/login. Session-based authentication is used for all dashboard and dashboard API endpoints (/api/dash/*). There is no token-based REST API for dashboard operations at this time.

Need programmatic access to nodes, incidents, or metrics? Contact us about API access for your integration.