About Deflect

Deflect is a distributed infrastructure built to mitigate DDoS attacks and keep your website accessible at all times. Its built on principles and free software. Our tooling has serviced thousands of websites and millions of their readers, since 2011. Learn more on the Documentation portal or by looking up individiual Github repositories below.

Deflect Components


This repository allows any individual or organization to setup their own DDoS mitigation service. It contains all necessary components to setup your network controller and edge servers - essentially acting as a reverse proxy to your (clients') origin web servers.


Written in Go, Banjax handles IP challenges and bannings within the Deflect network. It can be used standalone within your own network, or together with the main Deflect service for complete layer-7 DDoS mitigation.


Edgemanage is a tool for managing the HTTP availability of a cluster of web servers via DNS. The machines tested are expected to be at risk of large volumes of traffic, attack or other potential instability. If a machine is found to be underperforming, it is replace by a more performant host to ensure maximum availability.


Ansible recipes for provisioning and maintaining a managed Wordpress hosting framework.

About Deflect Labs

Deflect Labs is an ongoing and multi-facteted initiative to identify and mitigate malicious network behaivour using artificial intelligence. In production on the Deflect network, the technology and lessons learned are forming the basis of a privacy preserving threat information clearinghouse in the near future.

Deflect Labs Components


Baskerville is an application layer (7) DDoS mitigation tool, running an analytics engine that leverages machine Learning to distinguish between normal and abnormal web traffic behavior.

Baskerville Dashboard

The Baskerville dashboard allows Baskerville users to submit feedback on previously detected attacks, to help Baskerville learn whether its predictions are accurate or not. This feedback in turn allows the model to mature, and produce better predictions in the future.

Client Module

Baskeville client is a client module which processes web server logs and calculates statistical features, send features to a clearing house instance of Baskerville, receives predictions from clearing house for every IP, issues challenge commands for every malicious IP in a separate Kafka topic, and monitors attacks in Grafana dashboards.