There are lots of ways to protect your site against spammers and other folks who generally do not do nice things online. You are not safe online, and you should remember it all the time. However, if you can protect yourself against spammers, often you’re helpless when your site is under DDoS attack. By the way, do not feel guilty for not being able to protect it. Such companies as eBay or the US government sites used to be victims of hackers and they were also helpless for some time, although they had enough money and resources to hire the best engineers to deal with the attacks.
Of course, you have to bear in mind that DDoS attacks can be so big and intense that you will need much resources to stop them. If 200k computers are trying to connect to your site all at once, there is no hardware and software that can handle it. Yet, there are a few little secrets that will help you fight anonymous DDoS attacks.
1.) There are no invulnerable sites:
In fact, if you think that only government sites are hit by Anonymous group, you are mistaken. Sure, they target mostly government sites of countries they don’t like. However, recently sites of New Zealand government were hit. Can you say anything controversial about New Zealand? So, your site might well be a target for such attacks. Be prepared for the worst.
2.) DDoS attacks are better to stop at the initial stages:
As a rule, site owners do not do much at first. They just wait for the site to go down and then start complaining. What you should do is to implement the best practices in the industry to protect your site, network, any additional services, such as DNS. Don’t wait until hackers destroy your site.
3.) Identify the bottleneck of the attack:
There should be a part of your network which is most vulnerable. Hackers use it to assault your site. These weak areas may include a firewall, a server, an Internet pipeline, a security system, a load balancer or a SQL server. Any of these elements of your network can be vulnerable to attacks. So, identification of where the attack comes from will certainly help you ‘stand and fight’. Some experts recommend slowhttptest tool to stop DDoS attacks. You can also configure your server to allow only 1k requests at once.
4.) Monitor your network:
Yes, you have to see what’s happening in your network, especially if your site is a part of a large corporate network. Sometimes, you may just block your network to be access from the Internet and analyze the attack. Sure, this is not the best solution, but this will give you a few extra hours to handle the attack.
5.) Cooperate with your ISP and a hosting company:
Yes, this is the best decision to make. Call your ISP, and make sure they are aware of the problem. Reliable ISPs and hosting providers have enough resources to deal with DDoS attacks, of course, if they are not too big. It is fair to say that if your site has become a target for Anonymous you will have problems.
Aleksey is an independent consultant in matters of the Internet security and data protection. He personally oversees a dozen of sites for small and mid sized companies, as well as cooperates with such services as http://www.vistnet.com.