Protecting your site from DDoS attacks. Must know!

DDoS attackDistributed Denial of Service (DDoS) interruptions literally wreak havoc on thousands of websites globally every year, causing extended periods of downtime resulting not only in lost revenue, but in lost communications and connectivity which has crippled countless corporate networks and brought a myriad of businesses to their knees. These types of Internet attacks overwhelm a website’s ability to function as designed, but the good news is that there are remedies, both in predicting attacks and in giving website owners early warning capabilities.

What are some of the motives why criminals launch DDoS attacks?

Their motives are sometimes politically or financially based, but some are launched simply for bragging rights. Often, they’re launched to mask other illicit crimes such as fraud and data theft.

The key to protecting your website is to be proactive

In much the same way that you think ahead to install locks on your doors to prevent unauthorized access to your business, and alarm systems to warn you of break-ins, employing DDoS protection enables you to detect and mitigate these types of Internet attacks. Let’s face it – not many businesses can survive extended periods of downtime if one of their primary sources of revenue is their website.

The basics of DDoS protection

Typically, identifying and mitigating DDoS attacks happens within the backbone of your provider, prior to it ever reaching your network. With protection, as data flows to websites, malicious traffic is detected and routed elsewhere, then dropped, allowing legitimate traffic to pass through.

What happens when an attack is detected?

When your DDoS defense infrastructure detects an attack (by monitoring specific IP addresses), mitigation procedures are initiated to scrub your traffic. Typically, an alarm is sent to your provider and to you, and the offending traffic is redirected to your provider’s scrubbing facility.

When researching DDoS providers, look for infrastructure that:

  • First and foremost, can detect and identify an attack
  • Performs packet scrubbing
  • Can detect anomalies
  • Is capable of blocking malicious packets on-the-fly
  • Allows the safe passage of legitimate packets (your website’s business traffic)
  • Isolates and redirects DDoS traffic floods within their network before it clogs your site
  • Protects malicious traffic from reaching your network, rather than simply reacting to an attack.

What features should your DDoS protection provider offer?

They should:

  • Provide attack notifications, either via a pager and/or an email. Ask if they provide SMS alerts
  • Be capable of analyzing traffic and setting up email trap alerts
  • Have robust infrastructure in place, including the devices/equipment necessary to mitigate an attack
  • Provide monitoring for specific IP address ranges
  • Offer some sort of portal access for reporting, to include anomalies, analysis and status updates.

Some tips on how to prepare for a DDoS attack

Obliviously, once attacked, you’ll need a reaction plan, but here are some tips on how to ready yourself before that happens.

  • Identify the personnel that are designated to remediate an attack
  • Work with your provider to test your service at least once a year to ensure everything progresses as anticipated, including alerts
  • Anticipate the resources you’ll need should an attack exceed beyond normal expectations
  • Keep your gateway architecture and mitigation settings up-to-date
  • Ensure your DDoS protection provider understands how to mitigate current types of attacks
  • Know upfront what capabilities your provider possesses
  • Set up another means of communicating when being attacked other than the IP based services that may be effected. VOIP is a prime example
  • Keep up with architecture as it evolves

If you’re under attack

Once under an attack, reference your plans and document all of the actions taken to mitigate the attack and be sure to save all of the logs and captured packets, if possible.

BROUGHT TO YOU BY PROLIMEHOST

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.

VPS SERVICES: LIGHTNING FAST SSD VIRTUAL SERVERS

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

DEDICATED SERVERS: BACKED BY A 99.9% SLA NETWORK UPTIME GUARANTEE

We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call 1-877-477-9454 or contact us. For everything from gaming servers to cheap dedicated servers, we’re here to help.

ASIA OPTIMIZED SERVERS: IMPROVING CONNECTION SPEED AND QUALITY

Procuring an Asia optimized server improves the connection speed and quality between the server and the users in Asia or China. This can reduce latency, packet loss, jitter, and bandwidth issues that can affect the performance and reliability of the server and the applications hosted on it. For more information, please call 1-877-477-9454 or contact us.

Steve
Latest posts by Steve (see all)

Leave a Reply