DDOS Attacks – Early Detection is Better than Failure

A Distributed Denial of Service (DDOS) attack is undoubtedly the worst thing that could happen to your server. It silently destroys your online presence as well as your image, because clients of your server come to regard your web service as unavailable. On your part, you have the feeling that your web services are being accessed, but little do you know that they are being held by an illegitimate client who will not let go. Unless you are a seasoned internet security expert or have a DDoS protected plan, it will take time before you know what hit you, since your server shows that it is up and you still have bandwidth, yet most of your clients are unable to use your web services.

Historically, the BBC news service is one of the largest companies to have had a DDOS attack; its services were unavailable for the whole day before the attacking IP addresses were identified and smoked out. Today, with the use of multiple distributed botnets, it is becoming increasingly difficult to detect who is firing a DDOS attack at you, since the traffic does not come from one IP address. Fortunately, there are dedicated security experts who provide webmasters with DDOS checkers and help them shake off attackers when they go for the jugular.

Why me?

One of the first questions you cry out when you are hit by a DDOS attack is, “Why me?” Firstly, cloud hosting providers are a favorite target for cybercriminals because the cloud holds personal details of your clients such as their email addresses, names, credit card numbers and mobile phone numbers. A cybercriminal would therefore feel lured to attack you if they find that you use a shared cloud hosting service, so that they can get access to these vital client details. To avoid this, you will need to upgrade to your own dedicated server.

Secondly, the DDOS attack could be coming from a competitor who feels that if they deny your prospective clients access to your web service, those clients will end up using the competitor's web services instead. The competitor would then steal vital client details such as email addresses so that they can target the owners of those addresses with their own products.

Cybercriminals sometimes make malicious DDOS attacks so as to boost their egos. Most cyber-attacks are done by malicious IT students who are out there to try new concepts that they learned in class. They will, therefore, attack a web service, not to gain anything, but just to see you suffer as your clients lack your vital services.

Detecting a DDOS attack

A red flag that you might be under a DDOS attack is when you try to reach your service only to be met by a 503 Service Unavailable error, yet all indications on the server side show that it is up and running all right. A second sign is that web services become too slow for efficient production even though your Internet Service Provider has not placed any cap on your Internet use. If you notice either of these signs, first report them to your Internet Service Provider by emailing their abuse address, which at most times is [email protected], so that they can try to troubleshoot the error. If this does not help, you can proceed to do the following:

  • Limit the number of service requests at the router and switch level.
  • Use the clean pipes technique, which allows normal-looking traffic while denying access to anomalous traffic.
  • Use application front end software that prevents abnormal requests from getting to the server.

Protecting yourself from DDOS attacks
As they say, prevention is better than cure. Before a DDOS attacker raids you, be ready to counteract the attack through early detection so that you are able to report it and ask for assistance. You can do so in the following ways:

You can block the IPs from your dedicated server using the command below:

route add ipaddress reject

Monitor your traffic profile
As a webmaster, you need to monitor your site stats profile yourself so that you are aware of the average traffic your web service gets in a day. Any time you notice an unusual web traffic spike, do not be too happy about it; first identify whether the traffic is genuine or a DDOS attack. If, for example, your daily online traffic is 100 and you wake up one day to find 500,000 visitors, do not go about screaming your heart out that your website has made it to the league of high traffic websites. No! That traffic spike is unusual and you need to take it with a pinch of salt.

Increase your bandwidth
A dedicated server with low bandwidth might make it look as if you are under a DDOS attack when, in fact, you aren’t. High traffic from genuine clients will exhaust your low bandwidth, resulting in slow speeds or unavailable services for most of the clients. To avoid this situation, ask your dedicated server provider to give you more bandwidth.

Set up an alarm system with DDOS protected plans
You need to set up an alarm system that warns you when your web service gets a high spike of unusual traffic. With the alarm system, you will be notified via email or mobile phone when there is unusual activity that might need a DDOS checker to determine whether you are under attack.

Advanced firewall protection
When you identify IP addresses of clients that are attacking your server, you need to add a firewall to block them from future attacks.
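
The traffic-profile check, the alarm and the blocking step described above can be tied together as follows. This is an added example, not code from the original article: the access-log format (Common Log Format), the thresholds, the function names and the constructed sample lines (documentation IP ranges) are assumptions; only the route add ... reject command comes from the page.

```python
import ipaddress
import re
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Common Log Format: client IP, timestamp cut to the minute, HTTP status.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]{17})[^\]]*\] "[^"]*" (\d{3}) ')

def find_spikes(lines, baseline, sigma=3.0, per_ip_limit=20):
    """Alert on minutes whose request count exceeds mean + sigma*stddev of baseline."""
    threshold = mean(baseline) + sigma * pstdev(baseline)
    hits, errors = defaultdict(Counter), Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # malformed line: skip it instead of guessing
        ip, minute, status = m.groups()
        hits[minute][ip] += 1
        errors[minute] += status == "503"
    alerts = []
    for minute, by_ip in hits.items():
        total = sum(by_ip.values())
        if total > threshold:
            # Botnet traffic is spread over many sources: this lists heavy hitters only.
            heavy = sorted(ip for ip, n in by_ip.items() if n > per_ip_limit)
            alerts.append({"minute": minute, "requests": total,
                           "share_503": errors[minute] / total, "heavy": heavy})
    return alerts

def block_commands(ips):
    """Build the page's `route add <ip> reject` command for valid IPv4 sources."""
    cmds = []
    for ip in ips:
        try:
            cmds.append(f"route add {ipaddress.IPv4Address(ip)} reject")
        except ValueError:
            continue  # never pass unvalidated log text to a shell
    return cmds

def sample_log():
    """Constructed sample: a quiet minute, then a flood with 503 responses."""
    fmt = '{} - - [10/Oct/2024:13:{}:00 +0000] "GET / HTTP/1.1" {} 512'
    quiet = [fmt.format(f"192.0.2.{i}", "54", 200) for i in range(1, 9)]
    flood = [fmt.format("203.0.113.7", "55", 503) for _ in range(60)]
    flood += [fmt.format(f"198.51.100.{i}", "55", 200) for i in range(1, 21)]
    return quiet + flood + ["garbage line"]

if __name__ == "__main__":
    print(find_spikes(sample_log(), baseline=[8, 10, 12, 9, 11]))
```

The baseline list stands in for the per-minute request counts of a normal day; an alert's heavy list should be reviewed before its block commands are run, since a genuine client behind a shared address can also exceed the per-IP limit.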

Use third party DDOS mitigation services
Not every webmaster is a trained IT hack, and most probably you are not. Technical networking jargon on how to detect and stop DDOS attacks might sound like gibberish to you if you can make neither head nor tail of it. However, if you bought a dedicated server from a company that keeps DDOS attacks at bay, you will be safe and sound, since you will not be responsible for detecting DDOS attacks; you will have someone whose chief role is to do so in your stead. With their DDOS checker and DDoS protected plans, they will be able to mitigate all attacks directed at you.