Distributed Denial of Service (DDoS) attacks are a way that hackers can interrupt your business. They slow down your website by flooding the network, server or application with huge amounts of fake traffic.
They are an ever-present and growing threat to online businesses. Published in August 2019, the Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World report suggests that there was a 35 per cent increase in the number of DDoS attacks between Q1 and Q2 of 2018, alone.
One of the key roles for a webmaster is telling the difference between a legitimate spike in web-traffic, and an attack.
Research undertaken in the Netherlands, USA and Germany stated, succinctly, that “a third of the Internet is under attack” and that they had observed an average of 28,700 attacks per day.
And no-one is immune. Back in 2011, even the CIA’s website was attacked.
So, along with our security partners at Sucuri, we’ll go through the essentials you need to know, to stop DDoS attacks and highlight the steps you can take to help prevent them in the future.
Sucuri has created a free online guide which details what DDoS attacks are, what variants there are and what motivates people to do them.
DDoS attacks – why should I care?
The costs of DDoS attacks against your business can be various and considerable:
How to prevent DDoS attacks
You can see that not being prepared for a DDoS attack can significantly damage your company. So, what do you do?
Activate a WAF
A Web Application Firewall (WAF) is protection that sits between your website and the traffic it receives. Here at Heart Internet, our WAFs are provided by our partners at Sucuri, who go into the workings of our WAF in this blog.
Activate country blocking
Country-based blocking can be effective at minimising the risk of attacks from outside your country and it lessens the danger of mindless bots spamming the connection logs. However, it’s worth noting that IP addresses are not reliably geographical. All a determined attacker would need to do, to defeat this, would be to use a VPN or a proxy based in a country that isn’t blocked.
By their nature, a ‘distributed’ attack comes from various places at once. A modern ‘botnet’ can be made up of thousands of hacked websites, infected computers or unprotected Internet of Things devices distributed around the world.
Also, think about the implications to your business of blocking markets from around the world.
Monitor your website traffic
DDoS attacks can be made of huge amounts of traffic, so keep an eye on your traffic and look for sudden, unexpected spikes. These are called volumetric attacks.
If your website suddenly experienced thousands or even millions of new visitors in an hour – that would be brilliant for your business, if they were all legitimate potential customers. But, what if they’re not?
A dramatic increase in traffic could signify a DDoS attack, so it is essential that you monitor traffic and always check your logs. A few things to look for:
So, be vigilant about your traffic, but also think critically if you do get a spike. It might be good business, not bad news.
What to do during a DDoS attack?
What do you do if your website is under DDoS attack? You block them.
But, the main thing you can do in advance of an attack, is prepare. Here’s a checklist of things to consider: