Server Management

Denial of Service attack – How to stop DDoS?

Denial of Service or DoS is one of the most common types of attacks that are happening in www. This post will tell you what is a DoS attack? How it is initiated? How DoS attack is affecting the internet? and how to stop DDoS attacks?

What Denial of Service attack is?

Denial of Service or DoS attack pretty much defines it self by its name. To define the denial of service attack Wikipedia says:

In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

Denial of service attack demonstration using funnel exampleBasically if an attacker is sending that much traffic, to any site or server, that the server can’t respond than this type of attack is called denial of service attack. To explain DoS attack in a simple manner, suppose there is a funnel put on a glass. If you try to pour a full bottle of water through that funnel, the water will over-flow. Same thing happens in DoS attack, the attacker sends too much traffic to the server resulting in suspension of the server.

There is another type of DoS called Distributed Denial of Service attack or DDoS. This type of attack is initiated by a complete network of servers across the globe and all those servers are instructed to attack 1 particular server. Distributed Denial of Service attack will make any server in the world go down with in minutes.

Even huge data-centers like Facebook have suffered from Denial of Service attack. If your server is being hit by a DoS or DDoS attack, most of the time you will have to let the attack happen, it can last from a couple of minutes to 24 hours. But if you want to block Denial of Service attack happening on your site, you can do this.

How to block a DDoS attack on my site?

Okay, so you have a site and your site is being hit by the Distributed denial of service attack. You can do a couple of things to block this attack. First of all you have to make sure that it is your site which is under attack, not the actual server itself.

If you have complete access to the server then you can check it by looking at the bandwidth of other domains pointing to the same server. You can also use Cloudflare which is a freemium CDN service and also stop DDoS attacks. There is also an option in Cloudflare control panel “I’m under attack”. Selecting this option from security options will stop every request to your site for 5 seconds.

Like if you selected “I’m under attack” option, then every visitor will have to wait for 5 seconds and then cloudflare will send that visitor to your site. This stops all the bots and DDoS requests but keeps the visitors intact.

If your domain is protected by Cloudflare and still you are being hit by the denial-of-service attack, then it is your server which is under attack. The attackers have found your server’s IP Address and they are attacking the server itself.

How to block a DDoS attack on a server?

This type of attack is not really easy to block. You have to filter out all the IP Address of the zombie servers using a firewall. All the Severs that are launching DDoS attacks are called Zombie servers. I have listed a couple of techniques that you can use to block DDoS attack on a server.

  • You can buy DDoS protection from your server provider. This will increase the cost of your server but your server will stay protected.
  • You can wipe your complete server and start over. I know this sounds weird but I have seen many cases where a malware on your server is initiating Denial of service attack. You wouldn’t be able to find the malware unless you are a server genius.
  • Terminate and get a DDoS protected server, if your server provider is not able to provide any DDoS protection.

Disadvantages a Denial of service attack

Denial of service is actually an attack and any type of attack can not have advantages for you. There are many disadvantages of a denial of service attack and you may face 1 or a couple of these listed below:

  • If you are using a very strict IP blocking strategy, you can also block legitimate IP addresses. This can also lock you out of your own server. How bad is that.
  • Your server can get suspended or even terminated, if your server provider is very strict against Denial of service attacks.

I hope this post will help you fight against DDoS attack and if it did, then don’t forget to share with others. Follow us on twitter, Google+ and join our group at Facebook. If you have any feedback feel free to join the discussion below and let us improve using your suggestions/criticism. Cheers.

By Attiq Haroon

I am a blogger, having little knowledge of everything on MGeeky. Wordpress, Android, iOS, and very little knowledge of Linux.

Leave a Reply

Your email address will not be published. Required fields are marked *