FAQs for news publishers
Here are questions about Project Shield related to news publishers and organizations:
A distributed denial of service attack (DDoS) is a type of digital attack where an attacker attempts to make a website unavailable by overwhelming it with with traffic from multiple sources. Attackers often exploit thousands, or even millions, of computers and trick them into visiting a website at the same time. The resulting flood of traffic can overwhelm servers and the website goes offline.
Project Shield protects websites from attackers using technology called a reverse proxy. A reverse proxy allows websites to route traffic - both legitimate and attack traffic - through Google’s infrastructure, which lets legitimate traffic flow through and stops illegitimate traffic from reaching the publisher’s servers. Think of Google as a train conductor only letting ticketed passengers aboard.
Just visit g.co/shield, fill out the brief form on the site.
Upon verification your site will be enrolled and you will be able to configure Project Shield protection. Configuration is straightforward and simply requires that you provide your origin server to Project Shield and configure your DNS (Domain Name System) settings to direct traffic to Project Shield.
Learn more about what you need to set up Project Shield.
Project Shield users often find that using the service improves the performance of their website. However, some sites experience a small increase in latency as their traffic passes through Project Shield. Try Project Shield and test the performance for yourself.
Advertisements typically load content directly from an ad network and are therefore unaffected by Project Shield.
Project Shield won’t affect the vast majority of video, but you should try the service on your site to determine whether it has any performance impact. If video on your site is served by another site (such as YouTube), Project Shield won’t have any effect.
Project Shield supports SSL-protected websites. If the publisher uses SSL on its site, the traffic is encrypted from the publisher to Google and from Google to the end-user.
Like similar services, traffic routed through Project Shield is decrypted within Google’s infrastructure and then re-encrypted to the site’s readers. We decrypt this data to provide caching and DDoS mitigation services.
Project Shield stores two types of data, user configuration settings and logs for traffic that is proxied through Project Shield.
Project Shield is built on Google Cloud Platform, and both types of data are stored on Google Cloud Platform.
We use the data we collect from Project Shield for DDoS mitigation to improve the product, and to provide information to our users about their traffic. We use the site reader’s IP address and other information to evaluate whether traffic is an attack.
We only retain aggregated metrics and details about specific attacks. If you delete your site from the Project Shield dashboard, Project Shield will delete your site configuration information and will no longer collect traffic data from your site.
Google does not use the information collected from Project Shield for improving search results or targeting advertising to end users.
Learn more about your data and privacy with Project Shield.
Project Shield uses Google Cloud Platform to provide our service. Users who cannot access Google Cloud Platform services (e.g. in countries who block all Google IP addresses) may not be able to access content being served through Project Shield.
Project Shield is available to all publishers except those in countries where trade sanctions or other legal issues prevent us from offering the service.
Yes. Project Shield is turned “on” and “off” using your DNS configuration, so changes happen as quickly as any other DNS change.
Not necessarily. Some attacks may be absorbed by Project Shield so effectively that they don’t generate an alert. In the case of large-scale attacks that require active mitigation, we may notify affected users.