What is a DDoS Attack?

What is a DDoS Attack?
 A Distributed Denial of Service (DDoS) attack is a cyber attack carried out by continuously sending fake traffic to a server or system, so that it cannot handle all of the traffic and goes down.

 It is quite difficult to determine if a website is affected by a DDoS attack without the help of an IT expert, especially if the symptoms are similar to common problems such as slow internet connections and so on.  However, there are some symptoms that can indicate if your website has been hit by a DDoS attack.  The following are the characteristics of a website that is affected by a DDoS attack:

 There is a very sharp increase in bandwidth usage, both download and upload. This increase occurs suddenly and continues without stopping. If the target of the DDoS attack is a VPS (Virtual Private Server) user, the bandwidth usage on the VPS can reach its limit until the VPS is no longer accessible.

 An increase in traffic that looks unnatural: IP addresses or visitors share the same profile or behavior, such as location, device type, browser used, and so on.

 Very high CPU usage even when no activity is running.  The high load on the CPU causes CPU performance to decrease, so that websites or online services cannot be accessed.

 The internet connection becomes slow, so the website takes longer to access or cannot be accessed at all.

 A large number of spam emails arrive at almost the same time.

 Apart from DDoS attacks, the above characteristics can also be caused by other factors such as inadequate web hosting capacity.

 Types of DDoS Attack

 There are several types of DDoS attacks that are distinguished by the way the attack is carried out:

 1. Volumetric Attack

 This type of attack exploits the bandwidth limit of the website owner by generating a consistently large volume of traffic. The bandwidth is overwhelmed by the incoming traffic, which causes the server to crash.

 Volumetric DDoS attacks work by exploiting a botnet (a network of remotely controlled computers) to create massive traffic. This attack is measured in bits per second (bps), and is the most common type of DDoS attack.

 Examples of volumetric attacks:

 UDP (User Datagram Protocol) Flood

 DNS Flood

 ICMP (Ping) Flood

 2. Protocol Attack

 Whereas a volumetric attack consumes the bandwidth of a website user, a protocol attack consumes server resources. This is done by flooding the website and server with fake protocol requests that use up the available resources. This attack is measured in packets per second (pps).

 Examples of protocol attacks:

 Smurf DDoS

 SYN Flood

 Ping of Death

 3. Application Layer Attacks

 As the name suggests, application layer attacks take advantage of vulnerabilities at the application layer, in software such as Apache, Windows, and OpenBSD. This attack attempts to bring down the server by making a number of requests that initially appear 'normal' by imitating user traffic behavior.

 Because application layer attacks target only certain features of an application or website, they often go unnoticed. The power of this attack is measured in requests per second (rps).

 Examples of application layer attacks:

 Slowloris

 Advanced Persistent DoS (APDoS)

 Zero-day DDoS Attacks

 How to Prevent DDoS Attacks

 You can prevent DDoS attacks by taking the following actions:

 1. Monitoring traffic regularly

 The first thing you need to do to prevent DDoS attacks is to monitor website traffic regularly, so that you have a clear picture of how traffic is trending on your website.

 If you can distinguish between normal traffic and suspicious traffic, you will recognize the symptoms of a DDoS attack sooner.
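
 The check below is an added example, not part of the original article: it scans web server access-log lines for minutes that combine two of the symptoms listed earlier, a sudden jump in request volume and visitors sharing the same profile (here, the same user agent). The log lines, the baseline of 4 requests per minute, and the thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Combined log format: ip, identity, user, [time], "request", status, size, "referer", "user agent"
LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

def parse(lines):
    """Yield (minute, ip, user_agent) per parseable line; malformed lines are skipped."""
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield ts.replace(second=0), m["ip"], m["ua"]

def suspicious_minutes(lines, baseline_rpm, spike_factor=5, dominance=0.8):
    """Flag minutes with more than spike_factor * baseline_rpm requests in which
    one user agent makes up at least `dominance` of the traffic (assumed thresholds)."""
    per_minute = defaultdict(list)
    for minute, ip, ua in parse(lines):
        per_minute[minute].append((ip, ua))
    flagged = []
    for minute, hits in sorted(per_minute.items()):
        if len(hits) <= spike_factor * baseline_rpm:
            continue  # volume is within the normal range
        top_ua, count = Counter(ua for _, ua in hits).most_common(1)[0]
        if count / len(hits) >= dominance:  # a busy but diverse minute is not flagged
            flagged.append({"minute": minute.strftime("%H:%M"), "requests": len(hits),
                            "distinct_ips": len({ip for ip, _ in hits}),
                            "top_user_agent": top_ua, "share": round(count / len(hits), 2)})
    return flagged

def sample_log():
    """Constructed data: a quiet minute, a uniform flood, and a busy but diverse minute."""
    fmt = '{ip} - - [12/Jan/2024:10:{m:02d}:{s:02d} +0700] "GET / HTTP/1.1" 200 512 "-" "{ua}"'
    browsers = ["Firefox/121", "Chrome/120", "Safari/17", "Edge/120", "Opera/105"]
    lines = [fmt.format(ip=f"203.0.113.{i}", m=0, s=i, ua=browsers[i]) for i in range(4)]
    lines += [fmt.format(ip=f"198.51.100.{i % 30}", m=1, s=i, ua="ExampleClient/1.0") for i in range(60)]
    lines += [fmt.format(ip=f"203.0.113.{i}", m=1, s=i, ua=browsers[i]) for i in range(3)]
    lines += [fmt.format(ip=f"192.0.2.{i}", m=2, s=i, ua=browsers[i % 5]) for i in range(40)]
    return lines

if __name__ == "__main__":
    for row in suspicious_minutes(sample_log(), baseline_rpm=4):
        print(row)
```

 Only the 10:01 minute is flagged. The busy 10:02 minute comes from many different clients, the kind of spike that can have ordinary causes, so it is left for a human to judge.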

 2. Use layered protection

 Using multiple layers of protection is the best way to prevent DDoS attacks on websites. You can increase website security by combining several protection services such as firewalls, anti-spam, content filtering, Virtual Private Network (VPN), or other security systems.

 3. Add network bandwidth

 You already know that DDoS attacks work by flooding a network with traffic. It is therefore necessary to increase the network bandwidth capacity so that your website is more resistant to DDoS attacks. The more bandwidth you have, the harder it will be for hackers to launch a DDoS attack on your website.

 4. Build server redundancy

 Having a large amount of bandwidth is not enough to withstand larger DDoS attacks. You also need to build redundancy by providing additional servers that can be used at runtime for backup, for load balancing, or to take over while the main server is paused for maintenance.

 5. Use a CDN

 Another way to prevent DDoS attacks is to use a Content Delivery Network (CDN). The CDN will help you filter out abnormal requests to your website, through the port protocol implemented by the CDN.

 By using a CDN, your website traffic will also be more balanced so that the server will not be easily overwhelmed. A CDN works by spreading traffic across servers in different locations, which makes it difficult for hackers to find your real server to launch a DDoS attack.

 Protect Your Website From DDoS Attacks

 Now that you know what DDoS attacks are and how they work, you can be more careful about managing a website. But don't worry, there are many ways to prevent DDoS attacks.

 Apart from the methods described above, you can also prevent DDoS attacks on your website by subscribing to web hosting from Dewaweb.

 With Cloudflare Magic Transit technology, Dewaweb becomes a web hosting service provider with layered defenses to protect your website from DDoS attacks and various other cybercrime actions.
