Thursday, April 8, 2021

Survive a DDoS Attack

What is a DDoS attack?

A distributed denial of service (DDoS) attack is an attempt to consume a server's resources with a large number of malicious requests and connections. A server's primary purpose is to accept all incoming connections, and each connection consumes lots of bandwidth, memory and processing power. Attackers exploit this vulnerability by sending many packets to the server. When such an attack happens, websites published through the server cannot be accessed. This is how a DDoS attack works.

A DDoS attack takes a website offline. Even big tech giants such as Google and GitHub, with large amounts of protective resources, struggle to stay online during a DDoS attack. Nowadays anyone with a few dollars can launch a DDoS attack.

If you run a website and suffer a DDoS attack, it can take the website down for hours or even days. DDoS attacks can be dodged with the right tools: cPanel and WHM include DDoS mitigation features.

Types of DDoS attacks:

DDoS attacks are categorized according to the layer of the network connection they target. You can think of a connection as layers of data formats and protocols.

DDoS attacks are attributed to layers 7, 6 and 4. Layer 7 includes web applications, NTP amplification and web servers. Layer 6 focuses on SSL connections. Layer 4 includes exploiting weaknesses in the TCP protocol.

How to survive a DDoS attack?

  • Currently, attackers cannot be prevented from sending malicious network requests. What you can do is configure the firewall and web server to drop network requests from suspicious IP addresses.
  • cPanel and WHM include DDoS mitigation tools. cPanel supports ConfigServer Security & Firewall (CSF), which provides a WHM plugin with a comprehensive interface. After installing the plugin, open the ConfigServer Security & Firewall page in the Plugins section and move to Firewall Configuration. Configure the “CT_LIMIT” value, which controls how many connections the firewall allows from a single IP address.
  • Enter 300 as the “CT_LIMIT” value. Setting a low value can drop legitimate connections. Whenever a DDoS attack happens, unwanted traffic is weeded out by limiting the connections. The correct value depends on the nature of the attack.
  • Now set up the PORTFLOOD value on the same page. PORTFLOOD limits connections to a particular port. For instance, if the server is experiencing a DDoS attack against port 80, PORTFLOOD will block subsequent attempts within ten seconds.
  • Lastly, the most common and easiest way to carry out a denial of service attack is a layer 4 SYN flood. CSF includes SYN flood protection, which can be turned on in the Port Flood Settings section.
  • Activate SYN flood protection and adjust the SYNFLOOD_RATE and SYNFLOOD_BURST settings. The correct values depend on the specific attack, but 75/s and 50 are a good starting point. Check the values carefully before applying them: an incorrect configuration might slow down legitimate traffic and cause connection problems.
  • SYNFLOOD protection should only be turned on during an attack.
  • mod_evasive is an Apache module. It detects different potential attacks against web applications and takes action by rate-limiting IP addresses that make too many requests in a short time.
  • Install the mod_evasive module: navigate to EasyApache 4 in WHM, select Apache Modules and search for mod_evasive. Flip the install switch.
  • Then select the Review tab, scroll to the bottom and click Provision. It might take some time to install the module and its dependencies.
  • The cPanel IP Blocker is used to block individual IP addresses. This method only works against small attacks; it cannot handle large attacks. Navigate to IP Blocker in cPanel’s Security menu.
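
The CSF values from the steps above can be checked in the configuration file as well as in the WHM interface. The following is an added example, not code from the original article or from the CSF project: it parses a constructed csf.conf excerpt and flags settings that contradict the advice above. The function names are hypothetical, and the PORTFLOOD hit count of 20 is an assumption, since the article only gives the ten-second window.

```python
import re

# Constructed csf.conf excerpt (not from a real server). CT_LIMIT, the 10 s
# PORTFLOOD window and the SYNFLOOD values follow the article; the PORTFLOOD
# hit count of 20 is an assumption.
SAMPLE_CONF = '''
# Connection tracking and flood settings
CT_LIMIT = "300"
PORTFLOOD = "80;tcp;20;10"
SYNFLOOD = "1"
SYNFLOOD_RATE = "75/s"
SYNFLOOD_BURST = "50"
'''

LINE_RE = re.compile(r'^\s*([A-Z0-9_]+)\s*=\s*"([^"]*)"')

def parse_conf(text):
    """Return {KEY: value} for every KEY = "value" line, skipping comments."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def parse_portflood(value):
    """Split 'port;proto;hits;seconds,...' into tuples; raise on bad entries."""
    rules = []
    for entry in filter(None, value.split(",")):
        port, proto, hits, seconds = entry.split(";")
        if proto not in ("tcp", "udp"):
            raise ValueError(f"bad protocol in {entry!r}")
        rules.append((int(port), proto, int(hits), int(seconds)))
    return rules

def audit(settings, under_attack):
    """Return warnings for settings that contradict the article's advice."""
    warnings = []
    ct = int(settings.get("CT_LIMIT", "0"))
    if ct == 0:
        warnings.append("CT_LIMIT is 0: connection tracking is disabled")
    elif ct < 300:
        warnings.append(f"CT_LIMIT={ct} is below 300 and may drop real visitors")
    if not any(r[0] == 80 for r in parse_portflood(settings.get("PORTFLOOD", ""))):
        warnings.append("PORTFLOOD has no rule for port 80")
    if settings.get("SYNFLOOD") == "1" and not under_attack:
        warnings.append("SYNFLOOD is on outside an attack; turn it off")
    return warnings
```

Calling `audit(parse_conf(SAMPLE_CONF), under_attack=False)` on the sample returns only the SYNFLOOD warning, which is the reminder to switch that protection off once the attack has passed.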

Conclusion:

Over time, DDoS attacks have become bigger and easier to carry out. The number of attacks doubled between 2018 and 2019, and we can expect the trend to continue. Because of the COVID-19 situation, DDoS attacks have risen sharply. To reduce the risk of a DDoS attack, you need secure hosting plans. So connect with HTS Hosting, the best hosting company in India, which provides corporate web hosting, reseller streaming and other hosting plans.

Source: https://www.htshosting.org/knowledge-base/technology/79/survive-ddos-attack
