Is your website under a DDos attack?

Website under a DDos attack?

Even if you have standard security on your website it can still be taken down by a DDos attack. First you will notice a lot of traffic to your site and maybe you go over your bandwidth for no apparent reason. If you havent launched a campaign to drive traffic to your website then it could be under a DDos attack.

What is a DDos attack?

DDos stands for “Distributed Denial of Service Attacks” basically it takes your site down which could mean you lose business.

Why do people attack your site?

If someone disagrees with the content on your site or wants to disrupt your organisations business or maybe they have a political reason for wanting to take your site down.   To achive taking your site down they simply go to the underground market and either buy botnets or pay for a week long DDos attack on your site for as little as  £100 taking your business offline.  Scary isnt it!   Basically there is huge money in taking sites down hence the black market.  Now you know why viruses are on the increase.

How do people attack your site?

First they build an army of infected computers (aka botnets) then infect websites, social media sites and send out emails with malicious software.  Once they have infected a website or your computer through sending email viruses that download this software they can then remotely control your computer or website without your knowledge.  There is no limit to how many machines or websites they can control remotely and could have more than a million machines in their army.

How does it work?

Botnets send more connection requests than a server can handle through several hundred or million computers they have control over, which could be someones home computer that has this malicious script on it. Sending traffic from all these hundreds or thousands of computers sending huge amounts of random data will overwhelm the server and cause the bandwidth to exceed, taking the site down.   The larger the army of botnets the more damage they can do including being able to max out a whole country’s international cable capacity.

How do I know if I an under attack?

First signs of an attack could be that your bandwidth has been exceeded.  This can legitametly happen when you have a sales launch or some form of promotion, but when you dont have any campaigns running this is something you would need to check out in case of an attack.  If you look at your traffic stats you will see that you are getting repeat visitors going on to your site for about 30 seconds at a time and normally only on your home page.

The first thing you need to do is check your web server logs and look at the ip addresses and look them up on a blacklist tool such as http://mxtoolbox.com/blacklists.aspx if they are DNSBL listed then it’s likely you are under attack or have automated traffic being sent to your site.

What should you do if you are under an attack?

If you are using wordpress you should make sure you have the latest version and also check that you dont have any easy to crack passwords.  There are password cracking tools that have every word in the dictionary in them and they are automated to crack your password so dont have something as simple as “password” as your password.

There is more than one way to deal with the attacks.  There are wordpress plugins that block ip addresses and this is usually ok for  hundreds of visits but if you have thousands you might like to get professional help such as Local Business Solutions or Crawley Computer Centre