Tips for Protecting Your Website From a DDoS Attack
As of late 2014, the average distributed denial of service (DDoS) attack cost businesses approximately $40,000 in lost revenue an hour, according to a survey conducted by Incapsula. However, when you factor in damage to the brand name, wasted time, and legal fees, the amount rises to $114,155 per hour. From gaming platforms to EBay and even the Montana Health Department, it seems that no business or organization is immune to attack, regardless of what type of website security measures they have in place.
DDoS Attacks Are Bigger, Badder, and More Intense
Within the past four months, Incapsula has recorded DDoS attacks from 40,269 IP addresses from 1,600 ISPs located all over the world. The attacks are also lasting longer, up 21 percent to 34.5 hours from 28.5 hours in the past twelve months. The average bandwidth attacked has risen by an astounding 691 percent from 6.1Gbps to 48.25Gbps during the same period of time.
If you have already been the victim of a DDoS attack, this does not mean you should feel free to let your guard down. According to the 2015 North American Denial of Service (DDoS) Attacks and Impact Report, 85 percent of companies are the target of a DDoS attack on multiple occasions.
What Can You Do to Protect Your Website?
Although these numbers are almost certain to continue rising it does not mean that you simply have to sit back and wait for your website to fall victim. The following looks at the best ways to prevent your website from a DDoS attack.
Early identification of a DDoS attack is crucial.
The sooner you realize that that your website is having issues due to a DDoS attack, the sooner you are able to begin doing something about it. If you are the one responsible for running your own servers, you must be able to identify when they are first under attack.
To identify a possible attack, you need to be very familiar with your usual inbound traffic pattern. This will make it significantly easier to identify a problem because most DDoS attacks start with an incredibly sharp spike in traffic. It is going to be helpful if you differentiate between a rush of legitimate visitors the beginning of an attack. This involves understanding the characteristics of your typical visitors. For example, if your company doesn’t normally attract visitors from Africa and all the sudden you notice a good bit of inbound traffic from there, it could indicate an attack.
While attackers are becoming increasingly savvy at working around network Firewalls, it does not mean that you should ignore Firewalls as a source of protection from DDoS attacks. The main reason hackers are able to get past Firewalls is because they usually focus on examining and preventing access to one entity at a time and cannot, but there are still some things you can do to help protect your website and potentially buy yourself a little bit of time before an attack becomes significantly worse including:
• Drop malformed or spoofed packages
• Lower the flood drop threshold on your ICMP, SYN, and UDP
• Include filters that instruct your router to drop packets from apparent sources of attack
• Keep your web server from becoming overwhelmed by rate limiting your router
• Become more aggressive at timing out half open connections
Over-provisioning or purchasing extra bandwidth or redundant network devices to manage any sharp spikes in demand can help protect your network from a DDoS attack. In most cases a company has no advance warning that a DDoS attack is imminent. Since most attacks tend to concentrate on consuming all your Internet bandwidth, having additional bandwidth has the potential to mitigate the effects of an attack.
Even if you are not overly concerned about the possibility of a DDoS attack (which statistically you should be, especially if you have already been the target of an attack), you should have more bandwidth available to your web server than you would think you could potentially need. This allows you to accommodate unexpected surges of traffic to your site caused by a mention of your company in the media, a successful advertising campaign, or a special offer that goes viral. While increasing your bandwidth by as much as 500% is unlikely to be able to stop a DDoS attack before it has the chance to get started, it will provide a couple of extra minutes to act before your site becomes overwhelmed.
Hosting Provider: Call a Specialist
The chances of your website surviving a DDoS attack with minimal damage increase when your web server is located within a hosting center. Not only do they have significantly more experience fighting off attacks than you probably do, they also are more likely to have higher capacity routers and higher bandwidth links. In addition, they can usually keep DDoS traffic away from your corporate LAN, which should allow some components of your business, such as email and potentially voice over IP services, to operate as they normally do during an attack.
If you are in need of a reliable, yet cost effective hosting provider, BudgetVM can offer the protection from DDoS attacks that you are looking for. While they offer a number of service plans to choose from, features and services that are included with all hosting services include:
• DDoS protection to protect against unknown, known, and evolving DoS, DDoS, and other volumetric attacks.
• DoS protection to defend against attacks via Invalid IP packets, IP protocols, UDP, TCP, ICMP types, packet lengths, and Time to Live field.
• Portal that provides real time notification of attacks, as well as mitigation and resolution of DoS and DDoS attacks.
• Strong network with more than 160Gbps of Global Routing capacity that can handle even the largest attacks.
• Management by our experienced and highly trained staff to monitor your network and make certain it is running at its top performance abilities.
• 24/7 dedicated support that is always monitoring your services to make sure your site stays online.
BudgetVM has a wide away of plans to choose from, so you can find a plan that best meets your needs, whether you run a global company or a small local store.
Don’t allow your website to become the next victim of a DDoS attack. Use the tips above to offer protection.