A DDoS attack is surprisingly easy to carry out and millions of websites worldwide are affected every year. And the worst news? The numbers are growing every year.
photo credit: Istockphoto.com
It almost seems like a part of life these days: the more successful your website is, the more likely it is that you will be attacked at some point. But there is also good news: you can significantly reduce the chances of a successful DDoS attack on your website.
You might be wondering: what exactly is a DDoS attack? And how can I protect my website against it? In this article, we’ll explain exactly what DDoS attacks are, examine what can make your website vulnerable to them, and help you minimize the likelihood and impact of a DDoS attack.
What exactly is a DDoS attack?
First of all, let’s take a look at what a DDoS attack is and, just as important, what it is not.
DDoS stands for Distributed Denial of Service, often simply called Denial of Service, or in plain English, taking a website offline. A DDoS attack consists of ‘storming’ a website with lots of requests in a very short time, with the aim of overwhelming the website and causing it to crash. The ‘distributed’ part means that the attacks come from different places at the same time, unlike a ‘normal’ DoS which comes from just one location.
If your website gets a DDoS attack, you will get thousands of requests from different locations within minutes or sometimes hours. These requests are not because your website suddenly has a spike in traffic: they are automated and come from a limited number of sources, depending on the extent of the attack.
A DDoS attack is certainly not the same as being hacked, although the two can be related: the attackers are not trying to get to your files or admin data, but are trying to crash your website or make it more vulnerable through brute force. In some cases, this is followed by attempts to hack your website while it is more vulnerable, but usually, the goal is just to put the website out of service.
It may sound like there is no way to prevent a DDoS attack: after all, if someone decides to send a bunch of requests to your website, there is little you can do about it. But while there is indeed little you can do to stop someone from sending a DDoS attack, there are measures you can take to prevent your website from becoming vulnerable or crashing once you are attacked.
What can make your website vulnerable to DDoS attacks?
Some websites are more vulnerable to DDoS attacks than others. Sometimes your site is more vulnerable to the attack itself, in other cases, your site is more vulnerable to the side effects of such an attack.
1. Cheap hosting
The first biggest vulnerability to DDoS attacks, or any cyber attack for that matter, is cheap hosting.
Cheap hosting has two major drawbacks: poor support and lots of customers. In order to offer hosting so cheaply, the hosting provider must put many clients on the same server. This means that if one of the other websites on that server is attacked, your website may also suffer.
Cheap hosting providers usually offer few security measures against DDoS attacks. They don’t warn you if an attack occurs and they don’t help you fix your website afterwards. They don’t back up your website regularly, and even if they do, it’s unlikely that they’ll help you restore your website. In other words, you will have to do it yourself.
That’s not because cheap hosting providers are trying to rip you off or because they don’t deliver what they promise: it’s simply because they want to be able to offer hosting so cheaply. They have to cut back on support or they would never be able to make a profit.
If you have a business where your reputation and the security of your website is important, it pays to invest in good quality hosting. The extra cost is worth it. You don’t have to spend time fixing your website after an attack. It’s well worth it if it means your website stays online and safe during a DDoS attack.
2. Not prepared
If you are properly prepared for a DDoS attack, you can still be attacked. The big difference is that the consequences are less severe.
First of all, your website is more likely to stay online during the attack if you take the right security measures.
But understanding how to stop a DDoS attack also helps. If your website is attacked and you are properly prepared, your site will be back online much faster.
By installing security software and using security alerts from your hosting provider, you can be alerted when your website is under attack. Then you or your hosting provider can take action to protect your website.
By backing up your website regularly, you can quickly restore your website if problems do occur.
And by keeping your website up-to-date, it is immediately less vulnerable and easier to restore – if necessary.
3. Insecure or outdated code
Keeping your WordPress version, theme, and plugins up to date won’t prevent a DDoS attack, unfortunately.
But if you are attacked and hackers then try to get into your website, they are much less likely to succeed.
Measures include updating your website and only using plugins and themes from trusted sources. The WordPress theme and plugin collections are by far the best place to find free themes and plugins, and trusted developers will make them available there as well. Be careful not to install code that is incompatible with your hosting, and never install themes and plugins that are no longer supported.
How can you protect your website from DDoS attacks?
Now for the question you’ve been waiting for: how can you protect your website from a DDoS attack?
There are several measures you can take. Which one works best depends on your unique case, your budget, and your preferences.
Blackholing is the most commonly used ‘protection’ against DDoS attacks. Blackholing is a technique where one decides to remove the victim’s IP address from the Internet by making all traffic sent to it disappear into a ‘black hole’. Hence the name blackholing.
So blackholing means giving the attacker his way and making his target unreachable. This is done in the hope that this will allow him to put enough feathers on his hat and stop the attack. Since most DDoS attacks are the work of script kiddies, this is often effective. In addition, via blackholing you try to hit the attacker in his own pocket: after all, using a botnet costs money. So the question is how much money the other party can and wants to keep spending to attack you.
Blackholing is the weakest form of protection because if the attacker is stubborn and has sufficient resources, you will remain offline for a long time.
A better form of DDoS protection is mitigation. Compare it to a car wash: all traffic goes into the car wash and all the dirt is washed away. Only the clean traffic leaves the carwash.
This is done using the previously discussed heuristic software, which makes intelligent decisions based on patterns at lightning speed, as to whether traffic is legitimate or not. Today there are already specialized providers that offer mitigation-as-a-service. They play car wash, as it were before the ‘clean’ traffic is sent your way.