{"id":173,"date":"2015-02-03T16:35:27","date_gmt":"2015-02-03T16:35:27","guid":{"rendered":"http:\/\/www.ahosting.net\/blog\/?p=173"},"modified":"2025-10-20T10:28:30","modified_gmt":"2025-10-20T10:28:30","slug":"protecting-your-wordpress-blog-from-a-ddos-attack","status":"publish","type":"post","link":"https:\/\/www.ahosting.net\/blog\/protecting-your-wordpress-blog-from-a-ddos-attack\/","title":{"rendered":"Protecting Your WordPress Blog From A DDoS Attack"},"content":{"rendered":"<p>You could be forgiven for thinking Distributed Denial of Service attacks aren\u2019t really anything to be taken seriously. After all, they\u2019re basically the hacking equivalent of driving a truck into a storefront. Although they can wreak a bit of havoc, they don\u2019t require any real technical skill, and as such they\u2019re pretty easy to defend against, right?<\/p>\n<p>Right?<!--more--><\/p>\n<p>Well&#8230;not exactly. The unpleasant truth is that the tools with which DDoS attacks are being carried out are becoming more complicated; more advanced. As a result, these attacks are growing increasingly difficult to defend against. They are, according to Incapsula, \u201ca growing and ever-changing threat.\u201d<\/p>\n<p>Let\u2019s back up a bit. I think we\u2019re getting a little ahead of ourselves here. How about first, we define precisely what a DDoS is?<\/p>\n<p>We can use that as a decent segue into how you can protect your WordPress blog from one &#8211; and why you should. Sound good? Let\u2019s get started.<\/p>\n<h2><b>The Anatomy Of A Typical DDoS<\/b><\/h2>\n<p>Imagine there are two guys &#8211; Larry and Gary. They\u2019re competitors; each one operates an online storefront in the same industry as the other. Gary, he\u2019s a pretty cool dude &#8211; business is booming for him, and he\u2019s taking a bunch of customers away from Larry through no fault of his own.<\/p>\n<p>Larry doesn\u2019t like that. 
Unfortunately, he has no idea how to legitimately compete with Gary, so he instead opts to turn towards rather more&#8230;insidious means. He gets himself in touch with a fellow named Jim.<\/p>\n<p>Now, Jim\u2019s a pretty tech-savvy guy, and more than a little amoral with his skills. As a sort of pet project, he\u2019s recently managed to infect several thousand home routers with a nasty little worm that he\u2019s got total control over. Larry knows this, and approaches him with a proposition &#8211; take Gary\u2019s website down.<\/p>\n<p>After receiving payment, Jim directs his botnet to repeatedly connect to Gary\u2019s website. Eventually, it can\u2019t handle the traffic, and crashes. Larry takes full advantage of the lull in business, and begins siphoning Gary\u2019s customers away.<\/p>\n<p>See, at the end of the day, a distributed denial of service attack basically just floods a site or network with bogus requests. Eventually, the system can\u2019t handle the heavy load of traffic, and simply shuts down. Crude, but remarkably effective &#8211; it\u2019s one of the oldest attacks in the world.<\/p>\n<p>Now, in the example we gave above, Larry was motivated purely by competition. There are many other reasons someone might execute a DDoS against someone else. It might be a political statement. They might be using it as a cover for a far more serious crime &#8211; such as data theft or fraud. Or they might just be a hateful troll, out to wreak havoc on the world. The simple truth is that there\u2019s really no such thing as a typical DDoS attack &#8211; every DDoS is a little different from every other; some are even able to change the avenue through which they attack on the fly.<\/p>\n<p>Scary, right?<\/p>\n<h2><b>Let\u2019s Crunch Some Numbers<\/b><\/h2>\n<p>Now, in case you don\u2019t quite believe me yet that DDoS attacks are bad news, I\u2019d like to offer you a few facts and figures; see if these don\u2019t change your mind. 
We\u2019ll start with the Incapsula\/Imperva study we cited earlier.<\/p>\n<p>According to them, businesses hit by a DDoS attack lose an average of $40,000 <b>per hour of downtime. <\/b>The lost revenue alone should be enough to make you a bit nervous, even without taking into account what other consequences you might suffer. Just look at what happened back in 2013, when three banks in the US were <a href=\"http:\/\/www.itnews.com.au\/News\/354155,millions-stolen-from-us-banks-after-wire-payment-switch-targeted.aspx\">fleeced for several million dollars during a DDoS<\/a>.<\/p>\n<p>Anyway, that should be more than enough evidence that DDoS attacks are bad news, and you should protect yourself. Now let\u2019s move to the next step. How exactly do you <b>accomplish <\/b>that?<\/p>\n<h2><b>Now That You Know Why To Protect Yourself, Let\u2019s Talk About How<\/b><\/h2>\n<p>First things first, I\u2019d highly advise you to turn off pingback on your blog &#8211; reason being that if it\u2019s enabled, <a href=\"http:\/\/blog.sucuri.net\/2014\/03\/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html\">you could potentially already have been <b>part <\/b>of a botnet<\/a>. Yeah, that\u2019s a pretty glaring vulnerability. I\u2019m not sure why it still exists.<\/p>\n<p>Anyway, once you\u2019ve gotten that out of the way, there are a few different tactics you could use to keep yourself safe. The first is to seek out a plugin designed with DDoS mitigation in mind. Personally, I\u2019d recommend <a href=\"https:\/\/www.secsign.com\/wordpress-security-prevent-brute-force-ddos-attacks\/\">SecSign<\/a>. 
You might also consider talking with your host, assuming you\u2019re paying for hosting &#8211; the vast majority of hosts already have some form of DDoS protection in place; you might well be protected without even realizing it.<\/p>\n<p>Assuming your host doesn\u2019t come through and you don\u2019t like the selection of anti-DDoS plugins out there, there\u2019s also the option of hooking up with a cloud security provider like <a href=\"http:\/\/www.prolexic.com\/bing-north-america\/ddos-mitigation.html\">Prolexic<\/a> or <a href=\"http:\/\/www.dosarrest.com\/\">DOSarrest<\/a>. As a last-ditch sort of deal, you could also flirt with the idea of purchasing your own DDoS mitigation system &#8211; though I\u2019ll warn you that\u2019s not a choice for people who are a little light in the wallet. You\u2019ll need a big budget for most halfway decent DDoS prevention systems.<\/p>\n<h2><b>In Closing<\/b><\/h2>\n<p>The distributed denial of service attack is one of the oldest tricks in the book as far as cyber-crime is concerned. It\u2019s aged remarkably well, all things considered &#8211; even with today\u2019s technology, DDoS attacks can be some of the most challenging things in the world to mitigate, particularly if you\u2019re going in unprepared. You owe it to yourself to make sure your blog\u2019s properly protected &#8211; because you definitely don\u2019t want to face the consequences if you get DDoSed and it\u2019s not.<\/p>\n<p>Image: Flickr\/<a href=\"https:\/\/www.flickr.com\/photos\/home_of_chaos\/6946313991\/sizes\/c\/\">Abode of Chaos<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>You could be forgiven for thinking Distributed Denial of Service attacks aren\u2019t really anything to be taken seriously. After all, they\u2019re basically the hacking equivalent of driving a truck into a storefront. 
Although they can wreak a bit of havoc, they don\u2019t require any real technical skill, and as such they\u2019re pretty easy to defend [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":174,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[26],"tags":[],"class_list":["post-173","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/posts\/173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/comments?post=173"}],"version-history":[{"count":2,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/posts\/173\/revisions"}],"predecessor-version":[{"id":278,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/posts\/173\/revisions\/278"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/media\/174"}],"wp:attachment":[{"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/media?parent=173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/categories?post=173"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ahosting.net\/blog\/wp-json\/wp\/v2\/tags?post=173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}