What is: DDoS

DDoS short for Distributed Denial of Service attack is a type of attack on websites performed using bots. In a DDoS attack, hackers use bots to generate fake traffic so they can exhaust your server resources and crash your website.

These attacks are made by hackers for extortion (demand money) or to fulfill other unethical needs from the website owner. While DDoS attacks doesn’t automatically compromise the security of your website, they can most certainly bring your website down and make sure that none of your users can access your site.

The period of a DDoS attack can vary from a day to a week, or more. It can destroy the online presence of a website or application during this time. If you are a website owner, and you are facing DDoS attacks, then you need to apply a strong firewall on a DNS level to mitigate it.

Types of DDoS Attacks

There are a few different types of DDoS attacks that can occur on your website. You need to figure out the type of an attack before you can block the fake traffic on your site. Let’s take a look at the different types of DDoS attacks.

Volumetric Attacks

These type of attacks target the bandwidth and leave no space for real users to visit a website. Once the bandwidth is full, it will crash your website or show an error. You cannot solve this issue by simply increasing the bandwidth. You have to mitigate the DDoS attack if you want to solve the issue.

Application Attacks

The application attacks are hard to stop because they look like real traffic. These attacks are launched on specific application or servers until it becomes unavailable. These attacks do not target the whole website but rather a specific application. It’s slow to detect and the process builds up gradually until the application server crashes.

Protocol Attacks

Protocol attacks are different. In these types of attacks, the hacker or launcher send a normal synchronized request to create a connection with the server. The server acknowledges the request and a connection is build. Later, the attacker doesn’t respond to the acknowledgements, and it continues to add load until the server crashes.

Sometimes the hacker send an oversize ping also known as the ping of death. The server processes the ping, and it crashes due to the load.

It is crucial that you use a web-application firewall like Sucuri or Cloudflare to prevent DDoS attacks. These firewalls detect and mitigate DDoS attacks in real-time.

This post was originally published in the wpbeginner glossary.

Additional Reading