8 Ways To Protect Your Website From DDoS Attack
posted by Anna Mar, March 15, 2011If a DDoS attack hit your site today — what would you do about it?
There are 8 common defences for a DDoS attack.
1. Efficiency
DDoS is a war of attrition — efficient use of resources is a key defence. Applications need to be designed from the ground up with efficiency in mind:- well architected and designed
- efficient code and algorithms
- proper memory allocation and clean up
- configurable time outs and resource restrictions
2. Excess Capacity
If your site is running at 90% capacity with normal traffic — it is a sitting duck for a DDoS attack.The more excess capacity (throughput) you have the better — cloud infrastructure that allows you to dynamically add capacity is ideal.
3. Testing and Planning
DDoS attacks can be simulated as part of performance testing. Testing helps you to understand how your application bares the stresses of a DDoS — so that you can plan a defence.4. Layer 4 Network Equipment
Switches and routers generally built in defences for layer 4 attacks.Effective layer 4 defences include bogus IP filtering, traffic shaping, TCP splicing and rate limiting. Work with your ISP or network equipment vendor to understand the features of your network.
5. Bandwidth Management
Bandwidth management hardware allows you to classify incoming traffic as priority, regular or dangerous. It event of a DDoS attack non-priority requests can be dropped.6. Intrusion Detection Systems (IDS)
IDS look for attack patterns in incoming traffic and can drop suspicious packets.7. Custom Defence
Many layer 7 attacks require a custom on-the-fly defence. Typically, web developers analyse traffic patterns for irregular:- IPs
- request signatures
- http headers
- form parameters
Once a pattern is determined filters can be implemented on the web server to drop matching requests.
8. Blackholing and Sinkholing
Severe DDoS attacks may require Blackholing — sending all requests to a non-existent server. This brings the website down but relives the pressure on the server.Sinkholing sends all requests to a logger that logs some statistics and then drops the requests. Sinkholing can help developers establish attack patterns.
Recently on Simplicable
Multifactor Authentication Explainedposted by Anna MarHow to confirm the identity of users and entities. |
Physical Security Explainedposted by Anna MarPhysical security is real world security. The type of security that existed long before the information revolution. |