Q

How to prevent DDoS attacks on websites

Expert Mike Chapple reviews actions that you can take to protect yourself against large-scale DDoS attacks.

What is the best way to protect my website from distributed denial-of-service attacks?

In a distributed denial-of-service (DDoS) attack, the perpetrator uses a large number of systems at many different Internet locations to flood and overwhelm a server with bogus traffic requests. These attacks can be difficult to defend against because of the similarities between attack traffic and legitimate Web requests.

However, there are some actions you can take to protect yourself. Here's some basic advice:

  • Ensure that you have adequate bandwidth on your Internet connection. You'll be able to foil many low-scale DDoS attacks by simply having enough bandwidth (and processing power) to service the requests.
  • Deploy an intrusion prevention system on your network. Some (but definitely not all) DDoS attacks have recognizable signatures that an IPS can detect and use to prevent the requests from reaching the Web server.
  • Use a DDoS prevention appliance, including any of the Cisco Systems Inc. Cisco Guard products, that is specifically designed to identify and thwart distributed denial-of-service attacks.
  • Maintain a backup Internet connection with a separate pool of IP addresses for critical users. While you won't be able to switch all access to your website over to a backup connection (the attacks will switch at the same time!), you can provide critical users with an alternate path to your site if the primary circuit is swamped with bogus requests.

These tips should get you started on the road toward building a hardy Web infrastructure with the highest probability of surviving a DDoS attack. Good luck!

This was last published in April 2009

Dig Deeper on Denial of Service (DoS) Attack Prevention-Detection and Analysis

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I add cloud fare to my site,also have great bandwidth but not have a unique ip, due to which i am again and again falling in ddos attack, i get help from support center but they say to prevent this attack you have to get unique ip, what should i do for it other then ip solution, my web is Pakistan
Cancel
I'm no expert in DDoS prevention and mitigation, but I would think that in addition to big pipes and your other recommendations, multiple load-balanced web servers would be additional insurance.

Aside from the detection and prevention hardware which we would hope could stop most of the malicious packets, spreading the traffic that does come through across multiple servers could only help.

Check out Security Corner for practical security advice.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close