Anyone running any sort of online business needs to be wary of DDoS attacks, or distributed denial of service attacks. That is basically a long way of saying that someone wants to shut down your website or service, so they send floods of traffic from various points to overwhelm you, which also makes the attack difficult to shut down or even trace to its origin. They overload your servers so that your normal visitors are denied access. It's one of the most frustrating things that can happen to an online presence.

In this article, we are going to help you understand how these attacks work and how to protect yourself from them.

Understanding DDoS attacks

Most DDoS attacks are carried out by botnets, a “group of computers infected with malware and controlled by a malicious user”. These hijacked machines are then used against any service that the attacker wants to make unavailable to everyone.

Although the computers that make up the botnet are infected with malware, it is important to note that if your WordPress website is under DDoS attack, your website is not infected with malware. DDoS is simply preventing normal traffic from reaching you. However, if your computer has previously been compromised by a security breach, your servers may become part of a botnet that performs a DDoS attack on someone else.

DDoS is not a hack

As we said above, a DDoS attack is not an attempt to exploit a vulnerability to gain access to your site. That kind of attempt is more along the lines of a brute force attack, in which a particular party tries to access your site through repeated login attempts and password resets (to say the least).

DDoSers don't try to get your passwords, take over your site, install malware, or use your computer for malicious purposes. If you are a victim of DDoS, you will be denied service. No one will be able to access your server because it will be bombarded through public channels, not through the dashboard as with hacks, intrusions and brute force attacks.

Why are you a DDoS target?

Why would someone do this to you? Well, one of the most common reasons is hacktivism, in which a party wants to prevent the spread of ideas or a service that they oppose. This could be for a number of reasons, but if you post something that could be divisive, hacktivists could attack you with DDoS.

Corporate espionage has also been known to happen, where a competitor shuts you down, for example, during a big sale or at a certain time of the year to funnel more profits to themselves. Or it could be someone who wants to learn about cybersecurity and the ins and outs of DDoS attacks. Maybe it's just a bored person somewhere who thinks it's funny and wants to watch the world burn. (This happens to games and online services such as PlayStation Network, Xbox Live or World of Warcraft.)

If you don't see yourself as the target of hacktivism or corporate sabotage, you are probably just the unlucky target of someone who wants to wreak havoc on a stranger.

Protect WordPress from DDoS attacks

Whatever the reason you may become a target of a DDoS attack, you need to take precautions to prevent this from happening to you and your WordPress site. Protecting your WP installation against denial of service attacks is not that different from protecting against other attacks, at least from your point of view. The underlying protections work considerably differently, but as a WordPress user, you have the luxury of leaving that to the developers and specialists and just reaping the rewards of their hard work and expertise.

Regularly update WordPress

This should be obvious and taken for granted, but we want to say it anyway: make sure your WordPress installation is up to date. If you are still on version 4.9 and the most recent version is 5.3, you not only open yourself up to intruders accessing your site, but also to DDoS attacks, at least indirectly. If you keep WP up to date, you can use the most recent versions of security plugins, and you get fixes for security holes, which helps prevent your servers from getting infected and integrated into a DDoS botnet.

Use security plugins

WordFence, iThemes, Sucuri and so many other free options are available to keep your WordPress installation safe. Make use of them. Most importantly, you need to install a WAF. Short for web application firewall, a WAF is your best defense against an incoming botnet.

Typically, the firewall defines a perimeter around your server and determines who can enter it and who cannot. Rules (called policies) operate on the principle of either a blacklist or a whitelist. With blacklisting, developers and WAF teams block known botnets, their regions, and IP addresses. This protects your site against known threats, but if a new threat comes from elsewhere, you may still be at risk.

Whitelisting, by contrast, prevents both from happening by allowing only known traffic to access your site. You can't get DDoSed because you haven't previously approved those IP ranges or regions for access to your site. If your main business is from certain countries or regions, this is an effective way to prevent botnets and unknown attackers from accessing your site. DDoS or brute force or anything else, if you didn't say "enter", it won't enter.

There are pros and cons to both of these methods with WAFs, but in general, developers have a solid set of predefined policies in place that keep your site secure and running efficiently and, perhaps most importantly, profitably.
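
The difference between the two policy types described above can be seen in a small decision function. This is an added example, not code from any WAF plugin; the function names, the fail-closed handling of unparsable addresses, and the address ranges (RFC 5737 documentation ranges) are assumptions made for illustration.

```python
import ipaddress

def build(cidrs):
    """Parse a list of CIDR strings into network objects."""
    return [ipaddress.ip_network(c) for c in cidrs]

def decide(client_ip, mode, listed):
    """Return 'allow' or 'deny' for one request source.

    blacklist: deny listed sources, allow everything else.
    whitelist: allow listed sources, deny everything else.
    """
    if mode not in ("blacklist", "whitelist"):
        raise ValueError(f"unknown mode: {mode}")
    try:
        ip = ipaddress.ip_address(client_ip)
    except ValueError:
        return "deny"  # unparsable source address: fail closed
    hit = any(ip in net for net in listed)
    if mode == "blacklist":
        return "deny" if hit else "allow"
    return "allow" if hit else "deny"

# Constructed sample data: documentation ranges, not real hosts.
KNOWN_BOTNET = build(["198.51.100.0/24"])   # blacklist entries
APPROVED = build(["192.0.2.0/24"])          # whitelist entries
SOURCES = {
    "customer": "192.0.2.10",
    "known botnet node": "198.51.100.77",
    "new, unlisted source": "203.0.113.5",
}

def compare():
    """Map each sample source to its (blacklist, whitelist) verdicts."""
    return {
        label: (decide(ip, "blacklist", KNOWN_BOTNET),
                decide(ip, "whitelist", APPROVED))
        for label, ip in SOURCES.items()
    }

if __name__ == "__main__":
    for label, (bl, wl) in compare().items():
        print(f"{label:22} blacklist={bl:5} whitelist={wl}")
```

The unlisted source is the case that separates the two: the blacklist lets it through because nobody has reported it yet, while the whitelist rejects it because nobody has approved it.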

Check logs (access histories)

WordPress logs are something that most users don't know about or care about. But if you're at risk of a DDoS attack, keeping logs and seeing where the traffic is coming from and which errors your servers are returning can be valuable in making sure things stay up and running. Just noticing that, as of 3:03 a.m., there have been 176 login attempts from across the world is enough to warrant your attention and to prompt you to go through the update process, make backups, scan for malware, and so on.

Your host should have logs that you can view, and the WordPress Codex has detailed information about debug logs that you can review.
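
The kind of log check described above can be automated. The following is an added example, not part of the original article or of WordPress: it assumes the web server writes the common "combined" access log format, and the window size, threshold and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Combined log format: ip, ident, user, [time], "METHOD path proto", status
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def login_bursts(lines, window_minutes=5, threshold=20):
    """Return (window_start, attempts, distinct_sources) for busy windows."""
    buckets = defaultdict(lambda: {"attempts": 0, "sources": set()})
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # truncated or non-standard line: skip, do not crash
        if m["method"] != "POST" or not m["path"].startswith("/wp-login.php"):
            continue  # only login submissions count as attempts
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        start = ts.replace(minute=ts.minute - ts.minute % window_minutes, second=0)
        buckets[start]["attempts"] += 1
        buckets[start]["sources"].add(m["ip"])
    return [
        (start.strftime("%H:%M"), b["attempts"], len(b["sources"]))
        for start, b in sorted(buckets.items(), key=lambda kv: kv[0])
        if b["attempts"] >= threshold
    ]

def sample_log():
    """Constructed sample: quiet traffic, then 176 login POSTs from 40 sources."""
    lines = [
        '192.0.2.10 - - [12/Mar/2024:02:58:11 +0000] "GET / HTTP/1.1" 200 5120 "-" "-"',
        '192.0.2.10 - - [12/Mar/2024:02:58:40 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"',
        'truncated line with no request field',
    ]
    for i in range(176):
        lines.append(
            f'203.0.113.{i % 40 + 1} - - [12/Mar/2024:03:{i // 60:02d}:{i % 60:02d} +0000] '
            '"POST /wp-login.php HTTP/1.1" 200 3312 "-" "-"'
        )
    return lines

if __name__ == "__main__":
    for start, attempts, sources in login_bursts(sample_log()):
        print(f"{start}: {attempts} login attempts from {sources} sources")
```

The count of distinct sources is worth reporting next to the raw total: many attempts from one address can be blocked with a single rule, while the same number spread over dozens of addresses points to a botnet.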

WordPress blog security tip

Here is a list of some items that will help you move forward by making some adjustments to your blog to make it more secure.

To Summarize

In the end, most WordPress users will probably never suffer a DDoS attack. But you could. Anyone could. That's why configuring security to manage it is so important. Every time you release content, succeed and get seen by the general public, or get the attention of the wrong person, there's a chance your livelihood is on the line. It's easy enough for people to hire a DDoS botnet if they really want to, so setting up a WAF and some logging and preparation is more than worth it.