DDoS Protection Resources from KnownHost
Updated December 10, 2018
With these KnownHost DDoS protection resources, you’ll understand everything from the fundamentals of what DDoS means, to how DDoS attacks work, determining if you’re being hit with a DDoS attack, why hackers bother, how you can prevent DDoS attacks and what KnownHost DDoS protection can do for you and your website.
DDoS Protection Resources
DDoS Meaning – What does DDoS mean exactly?
On the KnownHost wiki, we give a quick overview explaining what is DDoS.
DDoS protection means putting in place measures to prevent distributed denial of service attacks from exhausting your website hosting available resources, whether that entails network, RAM, drive, software application, operating system or service.
Simply put, DDoS protection is where your web hosting company puts measures in place to prevent your website being knocked offline when it comes under attack from hackers.
The average DDoS attack last year cost between $20,000 and $40,000 per hour.
DDoS Attacks – Explained
By using many compromised computers scattered about the world, hackers can launch distributed attacks against servers and web hosting accounts. DDoS attacks aren’t physical, where weapons like guns and knives are wielded, but rather are simply a series of requests, like when a normal visitor comes to your site and requests a page. But instead of one visitor requesting one page, you end up with hundreds, or thousands, of remotely controlled computers requesting many pages – effectively flooding your site with more requests than it can handle.
As a website tries to cope with a DDoS attack, its RAM will get filled, it’s hard drive taxed beyond the ability to cope, databases slow to a crawl and once it reaches a point – it will stop answering requests completely. It’s at this point that a website goes offline, throwing up error messages to visitors – both attackers and legitimate visitors.
The KnownHost blog answers very clearly exactly how do I know if I’m getting hit by a DDoS attack? Our wiki is a great place to find out about proactive monitoring and how advanced server management monitoring can impact your success.
DDoS Attacks – Why hackers do it
The KnownHost blog explains some of the most common reasons why hackers do DDoS attacks.
There are a lot of reasons really, ranging from street cred (hacking can be a competition and those with the most successful hacks get the most respect from their hacker peers) to profit (hackers can DDoS sites for a competitor, having been paid as mercenaries to take out a particular company or group of them, or hold sites ransom and ask for money in order to stop the attack).
98% of DDoS attacks were against large organizations. Are you part of the 2%?
DDoS Protection – What KnownHost does
KnownHost, having been in the hosting business for over a decade, with the best uptime in the industry, are all too familiar with DDoS attacks and how to protect against such attacks. Here’s a quick summary of how KnownHost protects our customers against DDoS attacks.
The essential component of successfully defending against DDoS attacks is by managing the network traffic before those requests hit the target server. KnownHost’s datacenters are all equipped with extensive network appliances which identify attacks and filter those requests so they do not flood the target server. The following attack types are protected by network appliances:
- UDP Floods
- NTP Amplification
- DNS Amplification
- Syn Flood
- Volume Based Attacks
- Fragmented Packet Attacks
DDoS Protection – What isn’t covered
Because of the limits of technology, by design, there are certain things that cannot get filtered by network appliances, and hence aren’t covered by DDoS protection. These are largely known as Layer 7, or application layer, attacks. Here are some examples of attacks not covered by DDoS protective systems:
- Brute force login attacks
- XMLRPC floods
- Low level HTTP traffic floods
- Email / Spam Floods
- IPv6 Null Route Only
DDoS Protection – How to mitigate application layer DDoS attacks
There are a number of means to preventing a flood of application requests, depending on the nature of the request.
As Cloudflare explains, for application requests via UI, a site owner can insert a CAPTCHA challenge, forcing successful completion of a task that’s extremely difficult to script programmatically, and which generally needs a human in order to get past.
For other types of requests, the server should have firewalls and mod_security implemented at the server level. By using common security best practices, such as these, site owners can prevent a huge number of exploits by hackers.
Incapsula explains their in-depth approach, which is one of a number of approaches to handling DDoS requests that fall outside of network appliance protection.
How to Recover from a DDoS Attack
In the event you’ve experienced some difficulties from being hit by a DDoS attack, it is important that you understand what you can do to recover from a DDoS attack.
By choosing the right website hosting company, such as fully managed hosting from KnownHost, you can have DDoS protection against the most likely methods of attack. Our experienced server admin staff can help you with configuration and hardening as well, to help cover those trickier situations that put your site at risk.
DDoS attacks can be very costly to website owners – putting their reputation, finances and peace of mind at risk. 100% managed hosting at KnownHost is value-priced, high performance and designed to keep you online more than with any other hosting company. Our Hyperspin online stats prove how effective we are at keeping your website up and running, through thick and thin! Note that RocketVPS, the other high uptime host tracked at Hyperspin is a wholly owned KnownHost subsidiary.