In other words: If I create a custom web service (Anonymous) for integration with external systems (of course with basic security logic to identify the source which is accessing my endpoint), Is creatio DDoS Safe? Or in this case i should use application firewall (like cloudflare) infront of creatio ?
Creatio does not include built-in DDoS protection for custom web services, including those with anonymous access. While you can implement basic logic to validate incoming requests, this will not protect against distributed denial-of-service (DDoS) attacks.
If you are exposing custom endpoints to external systems, especially anonymously, we recommend placing your Creatio instance behind a Web Application Firewall (WAF), such as Cloudflare, Azure Front Door, or AWS WAF.
A WAF can help with:
Rate limiting
IP filtering
Bot protection
DDoS mitigation at the network level
Additional notes:
Anonymous endpoints are more vulnerable if their URLs become publicly known.
Validation logic is helpful but not enough to stop large-scale traffic.
If your Creatio instance is hosted in the cloud, some baseline protection may be in place, but it does not apply to custom web services exposed externally.
