{"id":1749,"date":"2021-02-22T21:41:34","date_gmt":"2021-02-23T05:41:34","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=1749"},"modified":"2023-09-27T15:35:43","modified_gmt":"2023-09-27T22:35:43","slug":"what-is-a-ddos-attack","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/what-is-a-ddos-attack\/","title":{"rendered":"What is a DDoS attack?"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

For many website owners, attracting more traffic to their website is a top priority. Who doesn\u2019t want to increase their customers or the number of people reading their content? There\u2019s no such thing as too much traffic, after all. Except that isn\u2019t entirely true. Especially when it\u2019s the wrong kind of traffic.
<\/p>\n\n\n\n\n\n\n\n

That\u2019s why today we\u2019re going to talk about one of the leading ways traffic can go wrong: DDoS attacks. We\u2019ll be covering what they are, why they\u2019re bad, and how to protect<\/a> your site from them.\u00a0<\/p>\n\n\n\n

DDoS \u2014 What it is and how it works<\/h2>\n\n\n\n

DDoS is short for distributed denial of service. These kinds of attacks target websites and online services, overloading their servers with fake traffic so that they are rendered inoperable and unavailable to anybody who actually wants to use them. 
<\/p>\n\n\n\n

There are numerous ways a DDoS attack can unfold. For the sake of brevity and simplicity, we\u2019ll just be focusing on one way it can happen (which just so happens to be the most common form of DDoS attack): botnets. 
<\/p>\n\n\n\n

A botnet is a distributed network of remotely-controlled, hacked computers that work together to flood a web service or website with more data requests than it can handle. The computers that make up a botnet are hacked via malware or an existing vulnerability. The hackers install Command and Control, or C2, software on the computers, which allows them to launch a coordinated attack that can bring down a website or service.<\/p>\n\n\n\n

The consequences of DDoS attacks<\/h2>\n\n\n\n

DDoS attacks might not sound like such a big deal at first. What\u2019s a little bit of downtime? But downtime can have disastrous consequences for online businesses whose bottom line hinges on being always available. Whether you run an e-commerce store or online service that people depend on, if your site isn\u2019t accessible, it will likely result in angry users, the loss of customers, and a hit to your finances.
<\/p>\n\n\n\n

Furthermore, DDoS attacks can often be more wide-ranging than you might expect. In 2016, Dyn, a DNS provider, found itself the target of a series of DDoS attacks<\/a>. The result was far-reaching, with scores of major platforms \u2014 including Airbnb, Reddit, PayPal, and Netflix \u2014 experiencing lengthy downtime, disrupting service for a multitude of users in the US and Europe. 
<\/p>\n\n\n\n

More recently, Amazon Web Services announced<\/a> that in February 2020, it mitigated the largest DDoS attack ever with a volume of 2.3 Tbps (TeraBytes Per Second). To put it in perspective, Amazon says that the attack was 44% larger than anything it had experienced before, with the service spending three days in elevated threat status. AWS experiences little downtime thanks to its DDoS protection service, AWS Shield.<\/p>\n\n\n\n

How to protect yourself from a DDoS attack<\/h2>\n\n\n\n

For website owners, implementing a website application firewall (WAF) is a good start. A WAF serves as a shield between your site and incoming traffic, preventing common security<\/a> threats, including DDoS attacks. There are numerous free and paid WAF services available online, including WordPress plugins.\u00a0
<\/p>\n\n\n\n

A solution for avoiding downtime in the event of a DDoS attack is using a content delivery network or CDN. A CDN is a group of servers distributed worldwide that work in tandem to speed up Internet content delivery. When you use a CDN, your website content is stored on these servers in addition to your primary server. This improves website speeds for anyone accessing your site, particularly in places geographically far-flung from where your main server lives. In the event of a DDoS attack, your website shouldn\u2019t experience any downtime, as your website content is already backed up and cached elsewhere.
<\/p>\n\n\n\n

For general Internet users who don\u2019t want their devices to become part of a botnet inadvertently, make sure you have a good antivirus and security software installed across your digital devices. Not just on your laptop and PC, but Internet of Things<\/a> (IoT) devices too, such as webcams, security cameras, home routers, and even baby monitors. These devices tend to fall by the wayside since people don\u2019t automatically think of them as computers. However, they have been the focus of multiple high-scale botnet attacks, such as the Dyn attack mentioned earlier. <\/p>\n\n\n\n

Wrap Up<\/h2>\n\n\n\n

DDoS attacks are an unfortunate reality of life online, and it seems likely they\u2019ll grow in sophistication as time goes on. However, following basic practices for website security should go a long way. Installing security applications, such as a WAF and anti-malware software, on your website server and digital devices, should make for a robust preventative measure, while a CDN may help if your website ever becomes a target.
<\/p>\n","protected":false},"excerpt":{"rendered":"

For many website owners, attracting more traffic to their website is a top priority. Who doesn\u2019t want to increase their customers or the number of people reading their content? There\u2019s no such thing as too much traffic, after all. Except that isn\u2019t entirely true. Especially when it\u2019s the wrong kind of traffic.<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1749","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1749","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=1749"}],"version-history":[{"count":4,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1749\/revisions"}],"predecessor-version":[{"id":2750,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1749\/revisions\/2750"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=1749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=1749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=1749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}