DDoS attacks are an old but common game on the web. They can be performed by both the newbie script kiddie and the seasoned hacker alike. Over the years we’ve watched them evolve from being simple attacks designed to knock a website offline to serious complex, malicious threats. Are DDoS attacks too complex though for hosting providers to protect you from them? Are hosting providers even responsible for protecting you from them?
IMAGE: PEXELS
Prevention Of DDoS Attacks On A Shared Hosting Provider
Imagine running a bath, and seeing that the water you’re running is contaminated with dirt. Are you going to continue to run the water, or are you going to stop and get someone to fix the issue? This is very in much the same fashion as the role hosting providers play in the case of DDoS attacks. If they are not doing anything to prevent DDoS attacks, they are part of the problem by allowing such traffic onto their customers’ networks, which can cost their customers a lot of money in damages. If you would refuse to pay the water company for providing contaminated water, why would you want to pay your web host for providing contaminated traffic?
[pullquote]Back in the 90s web hosts used to control DDoS attacks by blackholing suspected DDoS traffic.[/pullquote] This involved sending IP addresses related to DDoS attacks to non-existent domains. However, this ran the huge risk of denying access to legitimate web traffic. In this way, hosts were actually helping out the attacker by doing exactly what they wanted – denying web access to legitimate audiences, even after the attack was done.
Today hosts have a lot more to work with. Technology has not only caught up with DDoS attacks but it has surpassed it. There are innovations now such as real-time mitigation tools installed directly inline with the peering point so legitimate traffic stays protected as it travels around the network. Hosting providers are in a better position than ever to protect their customers from DDoS attacks.
Hosts offer this as part of their hosting packages, so it is important when looking for a host that you make sure this is part of what they offer. The latest solutions are scalable and automated, maximizing their efficiency without human intervention, so there is no excuse why a hosting provider cannot provide this with their services.
If this technology is installed, DDoS traffic is halted before it can even enter the network. This effectively shuts the door on DDoS traffic while leaving a window open for legitimate web traffic. For support staff, this means no more calls in the middle of the night, no more downtime, and most importantly no more DDoS victims.
One such example of this is a provider that will remain unnamed. This provider gets DDoS attacks that can cripple their entire network, which threatens their 99% uptime guarantee to their customers. The provider would not be in a position to guarantee this uptime if they did not do anything to prevent DDoS attacks.
Through deploying this DDoS protection technology, the provider didn’t have to make any changes to their networks. It chose an option that sits inline and eliminates DDoS attacks at the edge of the network, so their customers can continue business as usual without experiencing any slowdown or downtime or surprise unavailability to web guests. As this example shows, the technology exists to prevent DDoS attacks with ease, so there really is no excuse for a host not to provide it.
If you do find yourself stuck with a host that doesn’t protect you from DDoS attacks, you can protect yourself by having a content delivery network (CDN) handle your domain name service (DNS). These services are inexpensive, and CloudFlare, in particular, offers their basic package for free. CDNs help protect your site from DDoS attacks by timing out after so many requests come from the same domain, and also help offload the bandwidth such attacks use by spreading it out across their massive networks.
If you are still shopping around for a hosting provider, make sure that you stop by Hosting.Review to see what hosts provide downtime guarantees and keep their promise. This way you can avoid getting stuck with a host that doesn’t protect you from DDoS attacks and doesn’t hold true to their uptime guarantees. Hosting.review provides comprehensive reviews on all of the major web hosts and even lesser known ones as well.
If you don’t make sure that your host is providing this service, you may end up paying for bandwidth you didn’t ask for and shouldn’t be charged for. If you do opt for a host that offers DDoS security as a service, you will be sparing yourself the headache of expensive call-outs, downtime, and loss of customers that go with DDoS attacks. So the answer is clear – yes, your shared hosting provider can protect you from DDoS attacks, and very well should be protecting you from DDoS attacks – or offering you a refund for the downtime.
If you are interested in even more technology-related articles and information from us here at Bit Rebels then we have a lot to choose from.
COMMENTS