We’ve made it through the most recent bashing of DoS Attacks!
The most common question we’ve gotten this past couple of weeks, in one form or another, is “What is a D0S Attack and why do I care?”
SHORT ANSWER: your website goes from normal traffic to hundreds of times normal traffic when robot computers attack it with requests for pages and downloads, and attempts to log in if you have a password-protected area. Simultaneous quantities of spam, phishing and spoofing adds to the load. The huge spike in server load, which can happen within a few minutes, potentially overwhelms the server and shuts it down.This graph illustrates the strain a DDoS attack puts on a server. In this case, the site went from 2,000 visitors per day to 5,000,000 in an hour. Most sites simply aren’t equipped to scale up with the extra traffic.
LONG ANSWER: Sucuri has done an excellent write-up if you’d like to know more. Check it out.
The next question is “What are you doing about it?”
There’s no short answer here. We’ve employed some software to block the attacks, giving some of the sites that have been hit harder an additional level of security. We’ve made some changes to our server so as to block potentially nefarious IP addresses. We’re playing with that now as we want to find the magical balance point of blocking the right IP addresses.
We may have to separate web services and email services in the future so as to reduce the risk to the web server and improve email service and customer service. That decision has not yet been made. If you’re interested in making such a change now, zap us an email and we can point you in a few great directions. The handful of clients who have made this leap report it was a great decision for their business.