

DDoS Mitigation Best Practices

With our dependence on the Internet growing each day, businesses face a significant threat from DDoS (Distributed Denial of Service) attacks. DDoS is a type of cyberattack where multiple compromised systems, often referred to as a botnet, are used to flood a target website with an overwhelming volume of malicious traffic. The goal of DDoS attacks is to overwhelm the target server to prevent normal operation, disrupting the business. Website owners must implement effective strategies to mitigate DDoS attacks.

Reverse Proxy

A reverse proxy is a server that sits in front of the web server, intercepts client requests, and either responds to the client from its cache or forwards the request to the origin server. A reverse proxy is used to protect web servers from DDoS attacks, distribute load among multiple servers, and serve static content from its cache without sending requests to the origin server. No client communicates directly with the origin server, and the server's IP address is not revealed to the public.

Defend WordPress from DDoS

WordPress is one of the most popular CMS platforms available today, with over 75 million websites powered by it. That popularity comes with risks: vulnerabilities and weaknesses in the platform are shared among hackers and script kiddies, and automated bots search for websites built on WordPress.

DDoS Use Case

One of our sister websites hosted on a cloud server was recently hit by a 9Mbps DDoS, and the Apache web server ran out of memory and crashed. The attack lasted more than 2 months with no known reason. We've taken a number of mitigation steps including installation of mod_security with mod_evasive, APF, BFD, DDoS Deflate and Rootkit and Traffic Control, but none came to the rescue. Use of a Linux-provided WAF will mitigate the DDoS to the extent that CPU, memory and bandwidth allow; and in our case a single CentOS server with 4GB RAM wasn't sufficient to mitigate the DDoS.

DDoS

A DoS (denial-of-service) attack is an explicit attempt to make a computer resource unavailable by either injecting a computer virus or flooding the network with useless traffic. In simple terms, it is similar to thousands of people trying to enter a room through a single entrance, ultimately causing havoc. This not only disturbs the normal operations of the network but also results in poor performance and system breakdown due to overwhelming requests. A large-scale DDoS attack (ranging up to 400 GBps) can affect the internet connectivity of an entire geographical region. There are two types of DoS attacks: computer attack and network attack. Common forms of denial-of-service attacks are: