DDoS Protection

From Spamwiki
Jump to: navigation, search

Use of the Servers

Choice of hosting

The type of hosting that is used will affect your ability to respond to an attack. There are currently several types that will be split into 2 groups:

Bad DDoS Protection

Good DDoS Protection

What makes for bad DDoS Protection

Free web hosting:

  • No real access to the server.
  • Limited server strength
  • A DDoS will cause an outage for other customers of the host. They will be forced to cancel your account to protect their other customers.

The problem with shared web hosting:

  • A DDoS will cause an outage for other customers of the host. They will be forced to cancel your account to protect their other customers.

The problem with managed hosting:

  • No full access to the server.

What makes for good DDoS Protection

Types of hosting that are good for DDoS Protection allow:

  • Root access to the server
  • Isolation of your server/server space from those of other customers
  • Full access to your server/space
  • No interference from the hosting company in the operation of your server/space

Interesting Links

Relationship with your hosts

If you are hosting a site that, because of its content, may be liable to a DDoS attack, it is mandatory that you keep both the hosting service provider and the bandwidth provider informed of this. It pays to have an agreed and documented procedure in place in advance of any such attack. Both service providers can be extremely helpful, as long as the plans are made in advance.

Procedures should cover the mitigation steps to be used in the event of an attack. There may be various alternative steps depending on the nature of the attack, since each attack style will require a specific recovery action.

For example, an image leeching bandwidth attack differs from a TCP SYN flood attack, and each differs from a DNS amplification attack.

Service providers may already have tools in place to mitigate against attacks. Advance notice of potential attacks allows the tools to be pre-configured for an attack so that implementation of changes to routes, traffic shaping rules etc. can be implemented more quickly.

Interesting Links

Choice of Registrar

Access to DNS Modification

Use of Nameservers

Load Balancing

One useful technique is making use of Round robin DNS.

Interesting Links

Use of .htaccess

Blocking IP Addresses

Interesting Links