I’d like you to take a look back on your life at all those times you thought someone was going to have your back.
Like the time you set out to ride your bike down a hill backwards, with your next-door neighbour acting as a lookout. The time you sat in the principal’s office with your best friend, your alibis perfectly memorized. The time you set down your drink at the bar and stepped outside to settle an issue with a loudmouth pisstank, your college roommate at your side.
Yes, I am referring to the time you wrecked your bike while your lookout tied his shoe, got suspended for three days when your best friend cracked under pressure, and got knocked out by a loudmouth pisstank while your roommate made a run for it.
Regardless of who you think should be looking out for you, you’re ultimately responsible for protecting yourself. Same goes for protecting your own website from DDoS attacks. The blame doesn’t fall on your hosting provider.
What Are DDoS attacks actually?
The inherent risk of being with a hosting provider
For most people who run a website, not being with a hosting provider is simply not an option. We understand that. We’re not exactly enthused about the idea of building and running a dedicated server room either. But that’s why it’s imperative that we all understand the increased DDoS risk we’re at if we’re with a hosting provider.
By now we’re probably all aware that anyone with a website is at risk of being targeted by a DDoS attack, simply because life (you know, competition is fierce, people are unethical, bots are super smart now, etc.).But if you’re with a hosting provider, you’re also at a secondary risk of having your website and your resources affected if another website that uses the same hosting provider is hit with a DDoS attack. Volumetric DDoS attacks can eat up shared infrastructure and bandwidth, leading to super slow service or no service at all for websites that weren’t even a target.
What kind of protection you can expect from the average hosting provider
While hosting providers obviously monitor what’s going on with tenant websites, resource usage and traffic, because of the size and scale of most hosting operations, they can’t offer the kind of real-time monitoring that effective DDoS protection would require. Most DDoS attacks will be identified within the first few hours, but by then, obviously, damage will be done.
Even after the attack is detected, a hosting provider’s response is going to be imperfect at best. If a hosting provider is going to respond, they will do so by blocking incoming traffic to the IP address under attack. The problem with that is multiple tenants will often share the same public IP, and every website that does so will have its service disrupted. So in order to protect its tenants from a DDoS attack that would leave the tenants without service, the hosting provider will cut service to tenants.
Well. It’s the thought that counts, right?
It isn’t that hosting providers wouldn’t like to offer comprehensive DDoS protection …
Now that you know you could fall victim to an attack on someone else’s website, you may be even more convinced that it should be up to your hosting provider to give you DDoS protection. Unfortunately, it’s not quite that simple.
It isn’t reasonable to expect most hosting providers to be able to provide real-time monitoring that would detect a DDoS attack within the first few seconds, the way professional DDoS mitigation would. And to offer that professional DDoS mitigation protection? For a hosting provider that has a large number of tenant websites, it would be an investment of several million dollars. At least. Requiring hosting providers to offer DDoS protection would effectively put smaller hosting services out of business, leaving a monopoly for the big guys.
[color-box]Read about the biggest Cyber attacks>> http://goo.gl/BpMiYH[/color-box]
How to protect your website from DDoS attacks
Over the last year we’ve seen DDoS attacks get bigger, faster, stronger, and all the more devastating. According to industry insiders botnet activity alone is up 240%. And many of those bots? They’re now smart enough to bypass security that was specifically designed to weed them out.
Some of the larger hosting providers actually have taken it upon themselves to start offering DDoS protection. For enterprises and other organizations that can foot that increased hosting bill, this is an excellent option. Likewise, some of the cloud computing services are instituting a ‘cloud before cloud’ DDoS mitigation strategy, where DDoS traffic is directed to an on-demand, purpose-built DDoS mitigation cloud before it can reach the actual cloud computing service.
What it all comes down to is that you are responsible for DDoS protection for your own website. You can go ahead and assume it’s someone else’s problem, but if a DDoS attack strikes, you’ll be the one tearing your hair out. Look into professional DDoS protection before it’s excruciatingly and agonizingly too late.