HostSailor.
Beginner 2.0
Simply put, a DDoS attack on a website is a network-borne attack that is designed to put a website offline by overwhelming it with traffic. A DDoS attack can come from a single source, or increasingly from botnets on several sites infected with robot malware. Companies need to protect against DDoS attacks on their websites.
There are three basic types of DDoS attacks:
- A web server attack. Bandwidth and application intensive service requests overwhelm a webserver and crowd out regular traffic;
- A communications protocol attack targeting servers, firewalls, and other web services like load balancers with the objective of overwhelming their resources; and
- An amplification attack is designed to overwhelm the link between the website and the Internet with extreme volumes of traffic that consume and monopolise an organisation’s bandwidth.
Can you prevent DDoS Attacks?
The simple answer is “No“. Some attacks throw as much as two Terabytes or more per second at your system, so prevention is nearly impossible. However, you can reduce their effect and keep your systems up and running. Here are six ways to do that:
Physical Tactics
- A Web Application Firewall
- Overprovision Bandwidth
- Perimeter Defences
- Rate limiting your router;
- Adding filters to your router to drop packets from obvious DDoS packet sources;
- Timing out half-open connection; and
- Dropping malformed and spoofed packets.
Non-Physical Tactics
- Have a Plan
Part of the plan must be to let your ISP know as soon as possible that you are under attack and need help. If you have outsourced your website hosting let your Managed Service Provider know as well. They can take steps to reduce the effect of the attack. If the attack is sufficiently strong, they may already have noticed.
In a hosting environment, there are two organizations responsible for security – the host and the client. The host needs to ensure that the overall hosting environment is secure. In effect, set up a DDoS-protected VPS hosting environment. The client needs to ensure that malware does not find its way onto their virtual server.
Continually monitor network traffic. and Identify an Attack as Early as Possible
A DDoS attack on a web server can be recognized by changes in the normal network traffic pattern, usually large spikes in traffic. Most network management systems can be set up to issue alerts if traffic patterns change. One thing to check is that changes in traffic are not caused by something else, like a marketing event such as a sale.
External Assistance
How your ISP could respond is by:
- Dropping or blocking your Internet connection to protect their other customers. You will lose Internet access while the DDoS attack is running. That is why you should let them know as soon as possible; and
- Cleaning all your incoming traffic. Obvious DDoS packets are dropped before they forward hopefully legitimate ones to your web server. For massive DDoS attacks, you or your ISP will need to call in an attack specialist. DDoS Mitigation Specialists operate massive infrastructures and have access to a wide range of specialist tools, including scrubbing, to prevent your server from collapsing.
The simple answer is absolutely not. Captcha is an application that is intended to verify that a web request has been placed by a human. It does not operate at a network level that detects DDoS traffic.
Conclusion
DDoS attacks are a fact of web life. Because they cannot be prevented, you need a plan to reduce their effects and keep the website up and available.
Last edited by a moderator: