Modern websites are complicated pieces of technology. From managed hosting to Domain Name Systems, to caching, sliders, CSS, PHP…you get the idea. There are literally hundreds of components involved in building and maintaining a healthy website, and all of them must be carefully considered for every site, from small brochure style websites to a massive enterprise-level e-commerce site.
One issue that has been more prevalent in the past few years is something called a DDoS attack or “Distributed Denial of Service” attack, and even smaller website owners/webmasters should be aware of this type of web attack. I will not be getting into some of the technical details of how DDoS attacks happen, but rather want this to be an overview of an important issue of which anyone with a website should be aware. There are safety considerations, as well as performance considerations that make this a valuable topic for even small business/website owners.
What exactly is a DDoS attack?
Essentially what this DDoS means is that multiple compromised systems are used to target a single system and overload the servers of the victim system. Think of a single basketball hoop that has room for one ball to fall through it, but malicious hackers start sending hundreds of thousands of basketballs through the hoop all at once. The hoop cannot handle that kind of volume, and it falters. It works the same way with web servers. A DDoS essentially overloads the web servers of a website, causing failure when you try to load the web page. This keeps legitimate traffic from using the website.
Why Do DDoS attacks Happen?
Why would someone want to cause a DDoS? There is a multitude of reasons. Many times, extortion is a common factor. Criminal organizations and bad guys will bring a site to its knees and extort the owner to pay them to return to normal.
There are other reasons a DDoS attack happen. In this article Wired.com highlights an example of an Iranian immigrant named Mehdi Yahyanejad who owned an Iranian news website that seemingly was the victim of DDoS attacks from the Iranian government. His website was trying to cover the 2009 Iranian presidential election between current president Mahmoud Ahmadinejad and reform candidate Mir Hussein Moussavi. The week after the election, when many Iranians protested the suspicious election results, the website was attacked on a large scale, preventing access of information and coverage of the protests. The article goes on to explain how Google set them up with their service- Project Shield – which helps to prevent these types of attacks.
How can I prevent a DDoS attack on my website?
One of the easiest things you can do for your website is use a Content Delivery Network (CDN) such as www.cloudflare.com. Cloudflare is a service that is part of the CBC Digital Elements managed hosting service, and will help to cache and protect your website content from these types of attacks. It basically acts as a shield for your website against attackers. This type of service also allows for caching of content, which will speed up the performance of the site, which can improve the user experience and increase your rankings on search engines. There are other CDNs as well like Akamai and Highwinds plus offerings from giants like Microsoft and Amazon. It is important to do your research or talk to an expert regarding utilizing a CDN. If you need more information or have questions, feel free to reach out to the CBC Digital Elements team and we can help you develop a solution right for you and your business.