Business Guide
simplicable technology guide   »  security   »  ddos defence

8 Ways To Protect Your Website From DDoS Attack

        posted by , March 15, 2011

If a DDoS attack hit your site today — what would you do about it?

There are 8 common defences for a DDoS attack.

8 DDoS preventions

1. Efficiency

DDoS is a war of attrition — efficient use of resources is a key defence. Applications need to be designed from the ground up with efficiency in mind:

- well architected and designed
- efficient code and algorithms
- proper memory allocation and clean up
- configurable time outs and resource restrictions

2. Excess Capacity

If your site is running at 90% capacity with normal traffic — it is a sitting duck for a DDoS attack.

The more excess capacity (throughput) you have the better — cloud infrastructure that allows you to dynamically add capacity is ideal.

3. Testing and Planning

DDoS attacks can be simulated as part of performance testing. Testing helps you to understand how your application bares the stresses of a DDoS — so that you can plan a defence.

4. Layer 4 Network Equipment

Switches and routers generally built in defences for layer 4 attacks.

Effective layer 4 defences include bogus IP filtering, traffic shaping, TCP splicing and rate limiting. Work with your ISP or network equipment vendor to understand the features of your network.

5. Bandwidth Management

Bandwidth management hardware allows you to classify incoming traffic as priority, regular or dangerous. It event of a DDoS attack non-priority requests can be dropped.

6. Intrusion Detection Systems (IDS)

IDS look for attack patterns in incoming traffic and can drop suspicious packets.

7. Custom Defence

Many layer 7 attacks require a custom on-the-fly defence. Typically, web developers analyse traffic patterns for irregular:

- IPs
- request signatures
- http headers
- form parameters

Once a pattern is determined filters can be implemented on the web server to drop matching requests.

8. Blackholing and Sinkholing

Severe DDoS attacks may require Blackholing — sending all requests to a non-existent server. This brings the website down but relives the pressure on the server.

Sinkholing sends all requests to a logger that logs some statistics and then drops the requests. Sinkholing can help developers establish attack patterns.

3 Shares Google Twitter Facebook

Related Articles

Enterprise Architecture
How to architect an organization.

The following template captures your high level enterprise architecture.

Back-to-basics ITIL definitions that may serve as a useful executive overview.

Enterprise Architecture — solving the world's problems one big box at a time.

A guide to enterprise software that covers a wide variety of critical enterprise tools.

Recently on Simplicable

The 4 Contenders to be Your Next CIO

posted by Anna Mar
When your organization looks internally for a new CIO there are four usual suspects.

Enterprise Software Guide

posted by John Spacey
A guide to enterprise software that covers a wide variety of critical enterprise tools.

ITIL Guide

posted by John Spacey
Our guide to the ITIL framework.


posted by Anna Mar
Everything you ever wanted to know about mashups but were afraid to ask.


about     contact     sitemap     privacy     terms of service     copyright