Nine ways you can protect your servers from DDoS attacks

Distributed Denial of Service (DDoS) is an attack where the perpetrator uses several compromised systems to send messages or requests to a targeted system to overload it.

The attack prevents legitimate users from accessing that system, even though their requests may be legitimate. The goal is to render an online service unavailable by exhausting its resources.

The good news is that you can protect your servers from DDoS attacks in several ways. Here are nine suggestions.

1) Deploying CloudFlare

Cloudflare is an intelligent reverse proxy service that speeds up and secures content delivery network (CDN) for any website. It provides protection from DDoS attacks, custom caching rules, SSL support, and many more features to ensure optimal performance of your site in terms of speed and security.

2) Hosting with DDoS protection

Cloud hosting offers plenty of advantages for your business. When you choose a hosting service, you should choose one that provides access to the latest technology. More importantly, it should be a service that offers anti DDoS protection, which may hit your servers anytime without prior warning.

It’s crucial to select a provider that has comprehensive DDoS protection in place.

3) Using Fail2ban

Fail2Ban scans log files and bans IP addresses that make too many password failures to protect your system from SSH brute force attacks. It can be configured to email you the banned IPs so you can manually blacklist them in the /etc/hosts/deny file (so they cannot reconnect).

4) Using firewall

Configure a firewall and block all incoming traffic except communication on ports needed for the application to work properly. It will protect your servers against TCP-based DOS attacks.

Also, experts recommend that you use the latest iptables firewall features like connlimit, which helps limit the number of simultaneous connections from an IP address to a specific port (you can do this by specifying the source and destination addresses). However, firewall configuration will affect your website’s SEO which is essential.

5) Always use SSL for login pages

Make sure your login page uses SSL/TLS to prevent dictionary attacks, as hackers won’t be able to sniff passwords. Also, it’s best to use a unique password for each account and a firm password policy.

6) Performing rate-limit on firewall/router

A firewall or router with a rate limit feature can protect servers from DDoS attacks to a certain extent. You should configure your device’s firewall or rate limit according to the type of server and protocols you’re using.

If you’re using FTP, then limit it to 20 connections per second, while you should limit HTTP to 50 connections per second.

7) Securing your server with GeoIP limit

To minimize DDoS attacks against a particular service, one can limit access from certain countries. For example, if you’re only providing support to customers from the United States, then block requests coming from other countries.

Another way to prevent DDoS attacks is by limiting connections to specific ports. However, this method will only restrict the attack but not protect the service entirely.

8) Protecting your servers using CDN

Content Delivery Network (CDN) automatically serves static content closer to users, thus delivering your application fast and securely without taking too much load on your servers which can be a significant problem during DDoS attacks.

9) Basic network security

You can deploy basic network security measures to protect your servers from DOS/DDoS attacks. Security experts recommended that you disable source routing, restrict ICMP usage within your network, and block all incoming connections on ports 139 and 445 since they are no longer needed. Use routers with good quality firewalls such as Cisco, Sonicwall, and Juniper.

There are several steps for protecting your servers from DDoS attacks. While choosing a hosting provider, make sure they offer DDoS protection as well as other security measures to ensure your servers are always safe and secure. The tips above should be more than enough to get you up and running.

Photo by Andreea Avramescu

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__utma	2 years	This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmc	session	The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits.
__utmt	10 minutes	The cookie is set by Google Analytics and is used to throttle request rate.
__utmz	6 months	This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site.

Cookie	Duration	Description
CONSENT	16 years 5 months 19 days 13 hours 20 minutes	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_39226696_1	1 minute	This cookie is set by Google and is used to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_omappvp	11 years	The cookie is set to identify new vs returning users. The cookie is used in conjunction with _omappvs cookie to determine whether a user is new or returning.
_omappvs	20 minutes	The cookie is used to in conjunction with the _omappvp cookies. If the cookies are set, the user is a returning user. If neither of the cookies are set, the user is a new user.

Cookie	Duration	Description
centerVisitorId	7978 years 5 months 19 days 13 hours 11 minutes	This is a HTTP cookie used to track the individual sessions on the website. It helps the website to compile statistical data from multiple visits. This data is used for lead generation as a part of marketing purpose.
fr	3 months	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
NID	6 months	This cookie is used to a profile based on user's interest and display personalized ads to the users.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.
_fbp	3 months	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.

Cookie	Duration	Description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
view.ga79y7i4H2VjMus2eRJYqN.4ewaiz7cYMLxo2Fdorod4k	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.5659118702428160	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.5kjS2nejq2YcnYdvBnXie6	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.6M3TmeJYUdaXk4bFFoEsPB	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.AcqHN2Jx4LPTHTaVuvgpj7	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.az9ENbabTdjyzXZhvGZLsH	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.BfndspJeShXfBzLLV9vgf6	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.dExRyANhGorUfWBK88b8He	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.DLQVxHBCjsB8dSGzMQHEG8	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.ecCiQ7LhtWkSkJ7TaZBNeg	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.FQVDyuAXgSZP6EjzQVc8vZ	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.gm24Y7zkcqfXLnVYsG45ua	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.Jngw8VouAHPooyWULt96v8	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.JUp6DgKPEh2GnAKP6Hic9a	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.oXoiDpd347fYcUzoEogUp3	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.PxByyBFy44UYvo87EnhdAT	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.pXcNDvRdAUByFqYPw6mShD	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.QdALHubScinNuHaMzo6r4T	1 day	No description
yt-remote-connected-devices	never	No description available.
yt-remote-device-id	never	No description available.
_drip_client_6898597	2 years	No description
_drip_visitor_6898597	2 years	No description