How to Protect Against DDoS Attacks on Your Website

What is a DDoS Attack?

In a DDoS attack, cybercriminals use hacked networks to flood internet servers with traffic, sending more requests than the target server can handle. This includes overwhelming a website with “fake” requests in an attempt to make the site unavailable. These attacks are executed when multiple computers on different networks that have malware — called a “botnet” — send large amounts of requests to your website at once.

Different Types of Attacks

There are three different types of DDoS attacks:

• Volume Based Attacks - Volumetric DDoS attacks send a high volume of traffic to the server, to overwhelm the network bandwidth. Common examples include ICMP and UDP floods.
• Protocol Attacks - This type sends malicious requests to Layer 3 and Layer 4 in the protocol stack, exploiting vulnerabilities that allow it to consume bandwidth of key elements of the network infrastructure (the server, load balancers, etc.). Common examples include SYN floods and the Ping of Death.
• Application Layer Attacks - This type exploits vulnerabilities in the application layer (Layer 7) itself. These attacks can be the most difficult to identify, as they can sometimes achieve their goal (crashing the web server) with a smaller volume of requests than the other two types. Common examples include: low-and-slow attacks and GET/POST floods.

In a particularly memorable instance of a DDoS attack, the Mirai botnet used a large number of hacked internet of things devices to overwhelm Dyn, a domain name system for popular sites such as Amazon, Twitter, Netflix, Etsy, and Spotify.

Even when an attack fails to crash a website, it often slows the site down enough to make it unusable — frustrating customers and causing significant revenue losses. Meanwhile, these attacks are cheap for cybercriminals, which is perhaps one reason they accounted for 35% of cyberattacks in 2017. For as little as $100 a day, certain groups will deploy DDoS attacks on unprotected servers — and that price goes up to $400 a day for protected ones.

Particularly for e-commerce sites, even one day of downtime can be far more costly.

How to Tell if a Site Is Under Attack

Obviously, not all surges in traffic patterns are bad, but when you suspect an DDoS attack is behind a surge, it’s important to correctly identify it as quickly as possible. Unfortunately, it can prove challenging to distinguish between a legitimate traffic spike and one brought on by a DDoS attack. But if slow service continues for days instead of hours immediately following a sale or marketing campaign, your site could be under attack. A significant spike in spam emails can also signal an attack.

3 Ways to Protect Your Website

Instead of simply trying to survive an attack, take steps to prevent one with DDoS protection. Research indicates that about 66% of DDoS-targeted sites are attacked more than once. Here are some essential places to start:

Web Application Firewall

Web application firewalls (WAFs) are a good place to start because they’ll be able to differentiate between DDoS attacks and legitimate traffic. By relying on a WAF, you can protect your website from these attacks and ensure your customers enjoy uninterrupted access to your site.

Content Delivery Network

In addition to improving site speed and SEO, a content delivery network (CDN) can make it more difficult for hackers to find and attack your server. Since a CDN uses a group of servers to deliver your content online, it’s harder for someone to identify your main server. Optimizations via a CDN also help lower the bandwidth that the primary server needs to use, making it less likely for the server to get easily overloaded. A CDN’s secure port protocol will also help prevent bad traffic from coming through.

Have a DDoS Response Plan

Website downtime can cost small and midsize businesses between $137 and $427 per minute, while the attacks that bring them down can be conducted for as little as $1 per minute. You won’t outlast an attack, so the first step is knowing that you need to act swiftly. Let your web hosting service provider know what’s happening, as they may be able to monitor and block the traffic to protect their servers.

In addition, prepare for a surge in customer communications as people report the downtime and ask questions. Automate your responses whenever possible, as you’ll need all hands on deck to respond to the attack.

As IoT devices continue to rise in popularity, DDoS threats and attacks will continue to gain prevalence — and the cost of conducting them will likely go down even further. Prevention is the best method of dealing with these cyberattacks, and it starts with effective cybersecurity tools and a reliable response plan. Want more protection for customers and stakeholders? Explore our website security solutions, and get a quote for automatic DDoS mitigation services today.

Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 12 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.