On the modern Internet, one of the biggest threats to the functionality of a business is the possible downtime of its website. When your website goes down, any incoming traffic bounces from an error message. Some people may see that error and decide your site is no longer functional. Others simply go somewhere else to make their purchase. If the site is down too long, Google may enact SEO penalties. All of this can be caused, intentionally, by hackers implementing a Distributed Denial of Service attack, or DDoS.
What is DDoS?
To understand a DDoS, you must understand computer malware and the basics of how web servers work.
Some types of malware are designed to infect a computer and run other processes in the background. Your computer, infected with such malware, can be used to load a website without you noticing. This makes your computer part of a botnet: a large network of infected computers controlled by the maker of the malware.
When you — knowingly or not — load a website, your computer makes a request of the server that hosts the website. This requires connection bandwidth and server CPU power. Most web servers can handle up to a certain amount of traffic before they cut off additional incoming requests. This helps prevent glitches that open up security holes, stress hardware, or damage the server.
A DDoS attack is designed to trigger these mechanisms, taking your site down from the public Internet and leaving you at the mercy of the hacker responsible. They may attempt to hold your traffic ransom, compromise your site to steal user data or perform some other nefarious trick.
Preventing DDoS Attacks
There are a few ways you can protect yourself from possible DDoS attacks. Unfortunately, you cannot assume that you will be safe simply because you’re a small business. Small businesses are often at risk simply because they do not have the resources to fall back on, such as those a global company has.
1. Use a Content Delivery Network (CDN)
CDNs act as middlemen between your company and your audience, putting their technology to use in ways you or a typical server host can’t. They have high-performance machines and scripts that are much more resilient in the face of oncoming traffic than traditional web servers. Essentially, you eliminate the risk of small botnets affecting your traffic. A large, ongoing and incredibly widespread DDoS attack may still punch through, but it takes quite a bit more work for a DDoS hacker to affect your site.
2. Use CDN DDoS Protection
Most CDNs have a number of different features you can set when you implement a contract. Some of these features, such as caching and edge servers, help prevent incoming DDoS traffic from affecting your site.
3. Consider a Third-Party DDoS Security Suite
There are several security providers in operation today that provide proactive security against DDoS attacks. These companies operate by analyzing incoming traffic and identifying the signs of an impending DDoS attack. They work because a DDoS attack is not a clean, on-or-off action. It requires dozens, hundreds, or thousands of computers operating simultaneously. Often, only a few will receive the signal to target a specific website before the main bulk becomes a threat. Services such as the AT&T DDoS Defense service detect these trickles of bad traffic and take steps to minimize the potential impact of incoming DDoS traffic.
The specific application you are looking for is the Web Application Firewall (WAF). The WAF is a smart system that knows what a typical web user looks like and how they behave. It also knows what the typical botnet computer looks like. If it identifies traffic that looks malicious, it takes steps to block that traffic before it starts to eat up your web host bandwidth.
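To make the idea of traffic analysis concrete, here is an added illustration (not part of the original article, and not how any named provider's product works): a short Python script that reads web server access-log lines and flags clients sending far more requests in a short window than a human visitor would. The log lines, IP addresses and thresholds are constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Common Log Format prefix: client IP, timestamp, request line, status code.
LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ \S+[^"]*" \d{3}')

def parse_line(line):
    """Return (ip, timestamp), or None for a line that does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts

def flag_heavy_clients(lines, window_seconds=10, max_requests=5):
    """Flag clients exceeding max_requests inside a sliding time window.

    The thresholds are assumptions for this sample; tune them to real traffic.
    Returns {ip: peak number of requests seen within one window}.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)      # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                 # skip malformed lines instead of crashing
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()              # forget requests older than the window
        if len(q) > max_requests:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def build_sample_log():
    """Constructed sample: one ordinary visitor and one bot-like client."""
    lines = []
    for sec in (0, 20, 40):          # visitor: 3 page loads over a minute
        lines.append(f'192.0.2.10 - - [01/Jan/2024:12:00:{sec:02d} +0000] "GET /products HTTP/1.1" 200 5120')
    for i in range(8):               # bot-like: 8 hits on one page in 4 seconds
        lines.append(f'198.51.100.7 - - [01/Jan/2024:12:00:{i // 2:02d} +0000] "GET /search?q=a HTTP/1.1" 200 20480')
    lines.append("truncated or corrupted log entry")
    return lines

if __name__ == "__main__":
    for ip, peak in flag_heavy_clients(build_sample_log()).items():
        print(f"{ip}: {peak} requests within 10 seconds")
```

A real WAF weighs many more signals than request rate, but the same principle applies: establish what normal visitors look like, then act on clients that fall well outside it.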
4. Pick a Solid Web Host
Even if you use a CDN, you still need the bulk of your website on a traditional web host. This means you need to choose a web host with guaranteed uptime, resilient servers, and anti-DDoS security features. If you’re not sure about your host, look into your terms of service. Some things you want to avoid:
- Bandwidth caps. If your host shuts down your site once a certain amount of bandwidth has been used, a DDoS attack will be able to shut down your site for weeks at a time with virtually no effort.
- No security features. Good web hosts provide the tools you can use to help protect your site.
- Out of date software. If the framework used by your server is out of date, hackers can take advantage of unpatched security holes.
- Extreme charges for excess bandwidth use. A web host charging for excess traffic might run up a bill of thousands of dollars in a DDoS attack, something most businesses can’t handle.
At the very least, contact the customer service department of your web host to ask about their DDoS protection. You need a host that understands the threat of a DDoS and is proactive about applying solutions, not one that dismisses the threat and your concerns. If you have to choose a package that allocates a certain amount of bandwidth, make sure it’s more than you think you may need.
5. Remote Backups
In the event of a DDoS attack, servers may throw errors that delete or fail to save recent changes to your site, including recent purchases or blog updates. In extreme cases, stressed hardware can fail, leading to the complete loss of your site. While both your web host and your CDN should have some kind of active backup, you should also keep one of your own. A remote, cloud-based backup is the best security against information loss.
6. An Efficiently Programmed Site
This one comes down to the company you hire to develop your website. Some actions on a website are more complex than others. Loading a piece of text takes a tiny amount of memory, while an image requires more. Complex operations require more processing power and bandwidth. If it takes a significant amount of resources to load a page on your site, each individual hit from a botnet becomes more effective. Conversely, if your site is coded efficiently, botnets have to be larger or more dedicated to their attack if they want to be effective. Make sure your site is coded efficiently and that individual pages load with a minimum of server requirements. A CDN will help with this, of course, by distributing some of the load.
DDoS attacks are becoming increasingly common as more and more devices are compromised. Hackers are finding it easier than ever to implement a DDoS attack against an unsuspecting small business, possibly at the request of a competitor. Anyone can hire time on a botnet these days; you need to take steps to ensure that your business is protected.