How to protect your website against a DDoS attack

Posted on September 21, 2018

 

You might think there’s no such thing as ‘too many visitors’ to a website. How can you have too many? It’s not like a physical shop, where you have a maximum capacity for health and safety reasons. However there is such a thing as too many, and it could come at any moment – especially if you have a particularly high-profile business.

For example, I once built and hosted a website for an Elite League ice hockey team in the UK. As the website was part of the American NHL family, it was linked to from the NHL teams’ websites, and was seen as a part of that ‘western Americana’. It was high profile, and was a target for hackers and those other nefarious corners of the internet.

A website like that couldn’t sit on standard shared hosting. It needed a hosting solution that could handle periods of extreme traffic, and huge data spikes. Some of which were genuine, some of which were known as DDoS attacks (Distributed Denial of Service).

But what is a DDoS attack?

It’s when your website is hit, multiple times, by many different computers all at once. A script is used to use ‘zombie’ computers (it sounds nasty, but it’s just a computer that is being used without the knowledge of its owner) to hit a particular website. This causes the website’s server to crash, taking the target website down.

There could be hundreds, thousands or even hundreds of thousands of zombie computers all hitting a website at the same time.

It’s all pretty unpleasant and inconvenient for the website owner, and for any websites which happen to be hosted on the same server. This is why you shouldn’t use cheap shared hosting, where there could be thousands of websites on your server. Any DDoS attack on just one of those websites sharing your server could take down your website as well.

At Engage Web, we recently had a DDoS attack on one of our own websites. It was to be expected with the popularity of the content it was creating. Luckily our server is set up to identify potential issues such as this, and the DDoS attack was handled before it became an issue. To further protect against future DDoS attacks, websites can use DDoS mitigation from providers such as Cloudflare. The best thing about this is that it’s free for the basic setup. By using something such as Cloudflare (there are other providers, but this is the one we use at Engage Web) any incoming DDoS attack can be identified and mitigated at the Name Server level, before it reaches your web server and potentially causes a crash.

What’s more, Cloudflare uses machine learning to identify potential DDoS attacks before they happen – so any suspicious traffic that may look to target your website is cut out at the source, before it becomes a problem.

The more popular your website becomes, the more traffic it receives and the more reach your brand experiences, the more likely you are to fall victim to something like this. It’s just one more thing to worry about that Engage Web takes care of for you, and isn’t something you’d get with cheap web hosting from someone who doesn’t understand all of these issues.

Darren Jamieson

Technical Director at Engage Web
Darren is Technical Director at Engage Web, as well as being a co-founder of the company. He takes a hands-on approach to SEO and web design, helped by more than 15 years’ experience in these fields.

Like us on Facebook to see more posts like this

You might also be interested in:

No Comments »

There are no comments on this yet, be the first to write a comment.

RSS feed for comments on this post. TrackBack URL

Have your say!

We have worked with:

minute-man-press-image
TEL: 0345 621 4321