Protection of a site from DDoS attacks using CloudFlare

Only a few years ago, a term DDoS attack was highly specialized; only system administrators and network security experts were familiar with it. Today, everyone knows about DDoS, from managers of companies affected by this type of attack to users who cannot get access to their favorite site or receive a familiar service and specialists working remotely, etc. These virtual attacks are becoming more frequent, and real people are suffering from them.

So what is a DDoS attack? DDoS is short for Distributed Denial of Service – a distributed attack aimed at denial of service equipment. The simplest DDoS is sending millions of data packages from different computers to a specific site. The more attacking computers and more often packets are sent, the faster the communication channel, server RAM, and free connection slots will be clogged. As a result, the server will "go down" when it cannot handle an increasing number of requests. On a user's screen, it will look like a site is not available, because the server cannot independently filter malicious requests from client's visits.

Over time, DDoS attacks became more sophisticated, hackers chose weakly protected or unprotected services, open ports, DNS servers, and resource-intensive databases as victims, which could lead to a crash of servers for a long time and even to data loss. Besides, the attacking capacity has also increased. Nowadays, attacks with a capacity of hundreds of megabits are not rare, and very few can resist them. Hackers also actively use botnets, i.e., networks of computers from the whole world infected with viruses and managed by hackers from a single center. As a result, unavailability reports even of such giants like Twitter, Facebook, eBay, Amazon, and others are becoming more frequent. Losses from such actions amount to billions of dollars and harm companies' reputation. Hackers' aims can be different: order from competitors, extortion of money, or even entertainment, but you need to solve the problem in any case.

 

How to protect yourself from attacks

 

Repulse of a DDoS attack is a non-trivial task for an administrator, and in many cases, it is almost impossible to solve it without help. The option with a constant capacity expansion is too expensive and still does not guarantee success, because hackers can find a weak spot. In this case, the channel thickness and the server computing power will be excluded from the equation. Also, many providers of sites that are constantly attacked refuse to service them or issue huge bills to compensate for their efforts and losses from DDoS. Today, the most effective solution for protection against attacks is to filter traffic before it gets to the server. The most suitable options are offered by CloudFlare, a company that specializes in network security and DDoS attacks.

 

What is CloudFlare and how it works

 

CloudFlare is a service that helps protect your site from various network attacks, including DDoS. The principle of operation is the following: all traffic before getting to the target site passes through the CloudFlare servers, where it is filtered according to user settings. To configure it, you need to change DNS servers to the ones offered by the service and activate protection by selecting one of the suggested levels – from light to high. Even automatic settings can significantly reduce your server load and get rid of some of "garbage" traffic, spammers, etc., but for more complete protection, you need special settings.

Cloudflare’s convenient monitoring system shows IP addresses that send the biggest number of requests; most likely, these are the computers used by hackers. They should be blocked first. Also, you can block entire subnets and even countries – for example, if your project is designed for CIS and European countries, you can temporarily block Asian IP addresses (where the threat often comes from) while the attack is underway. Also, there is an emergency mode – if the site is attacked, enabling this mode will force each site user to pass an automatic check.  A few second delays are enough to cut off malicious requests, and regular clients will see the stub and wait for the check to finish.

 

Hosting from Tucha: protection enabled

 

By hosting websites of our clients, we use all modern features to ensure their safety, security, and performance in all conditions. This includes the features offered by CloudFlare. Cloud hosting from Tucha is the right choice for those who value stability and security and do not want to lose money, reputation, and customers due to DDoS attacks.