We believe that most companies that do business online have been attacked by hackers at least once. Starting April 15, we faced a massive Distributed Denial of Service (DDoS) attack.
We discovered the attack when the SSLs Site Seal checking system notified us that it was unable to ping SSLs.com.
On the first day of the attack, we changed our website’s IP address and updated DNS accordingly. This stopped the attack for some time.
However, the next day, the DDoS attack resumed and became even more aggressive. We fought it for several days by closing port 80 during attacks, but this tactic did not end the DDoS.
After five days of continuous malicious attacks, which led to website downtime, we decided to move SSLs.com to one of the biggest DDoS mitigation and protection solutions. The nature of the service allows traffic to be spread across various points of presence (POPs), which can help isolate a DDoS attack. Once signed up, we started setting everything up to begin DDoS mitigation. Fortunately, this was possible even though we were already under attack, an undoubted advantage of the solution.
While the security solution was being implemented, ongoing attacks against SSLs.com made the website unavailable again. The attackers were looking up our publicly available IP addresses to target the attack.
As a result of the intense load from the DDoS, our servers became unresponsive and we had to reboot them.
The attack was a mixed TCP SYN and ICMP flood of one million packets per second. In total, we were under attack for 11.5 hours across four days.
As soon as the DDoS protection solution was set up, the malicious attack was mitigated and no longer impacted our website’s operation.
As always, we continue to work on our website security, to be prepared in advance of malicious attacks, to maintain uptime and to maximize performance.