How To Stop DDoS Attacks | Protect Against DDoS Attacks‎


A basic denial of service (DoS) attack involves bombarding an ip address with massive amounts of traffic. If the ip address points to an internet server, then it (or routers upstream of it) could also be overcome. Legitimate traffic heading for the web server are going to be unable to contact it, and also the web site becomes inaccessible. Service is denied.

A distributed denial of service attack (DDoS) may be a special type of denial of service attack. The principle is that the same, however the malicious traffic is generated from multiple sources -- though orchestrated from one central purpose. the actual fact that the traffic sources are distributed -- usually throughout the world -- makes a DDoS attack a lot of harder to block than one originating from a single ip address.


How to Stop DDoS Attacks Protect Against DDoS Attacks‎


While several DDoS attacks are motivated by revenge, politics, troll and terrorism, money is frequently involved. according to cyber security analysts, ransom and blackmail are the most common motives behind DDoS attacks. Hackers disrupt internet services and hold it against a ransom. Hackers ask for serious ransom amount, that once paid, ends up in the attack being stopped and services made available to customers.

Here are 7 tips for stopping a DDoS attack :-


1. Get Cloudflare Business Or Enterprise

Cloudflare Business and Enterprise plans provide advanced strategies to allow you to stop a DDoS attack. Once you are on their Business or Enterprise plan their advanced DDoS protection is automatic. It’s additionally nice to know that Cloudflare does not bill by attack size and does not have an attack cap.

If you are a current Cloudflare client, upgrade on-line to the Business plan right from your “My Websites“ control panel and proceed to Step 2.


How to Stop DDoS Attacks Protect Against DDoS Attacks‎

If you are new Cloudflare it is important to know that their signup method will require a small change to your current DNS settings that takes on the average 15 minutes for GoDaddy customers, however will take up to 3 days depending on your domain registrar.


2. Turn On I Am Under Attack Mode

AccordingThe mode I am under attack helps mitigate and stop DDoS attacks. This mode allows additional protections to prevent potentially malicious http traffic from passing to your server. On their first visits, legitimate visitors will in brief see an interstitial page whereas the additional checks are performed:


How to Stop DDoS Attacks Protect Against DDoS Attacks‎

To activate the feature, visit the overview for your domain, click quick actions, so click under attack Mode.


3. Turn On The Web Application Firewall

The Cloudflare web Application Firewall (WAF) is available to pro, Business and Enterprise customers. control of the WAF is found within the web Application Firewall section of the Cloudflare interface.


How to Stop DDoS Attacks Protect Against DDoS Attacks‎


4. Set Your DNS Records For Maximum Security

With CloudFlare DNS Settings, you will change CloudFlare’s security and performance on a per-record basis. Security is ON once the cloud is orange. Security is OFF if the cloud is gray, letting the attacker bypass CloudFlare’s security and attack your net server directly.


How to Stop DDoS Attacks Protect Against DDoS Attacks‎

Here’s how to set your DNS records for maximum protection :

  • Enable CloudFlare security (orange cloud) on the web records you use, including FTP, SSH.
  • Use your origin IP for actions like FTP, SSH, etc.
  • Delete any wildcard records — unless they are required — as they will expose your origin IP address.
  • Remove any mail records that expose your origin.

Protocols like mail, FTP, SSH and cPanel have gray clouds by default. If you enable CloudFlare for these subdomains, the protocols will no longer work. However, if you have gray clouds, an attacker can look up your origin server IP if they know about these subdomains and circumvent CloudFlare’s DDoS security solution. To resolve the issue, enable orange clouds for the subdomains.

Once you enable an orange cloud on all DNS records, you need to use either the direct IP to access certain protocols like mail, FTP, SSH and cPanel. For example, to FTP you would use ftp.yourdomain.com or ftp://yourserverIP (put in your server IP address). When you do, keep in mind a couple of important points:


How to Stop DDoS Attacks Protect Against DDoS Attacks‎

If there is no cloud, the record cannot be proxied. But that means it is pointing to another service, so this shouldn’t be a concern.

CloudFlare provides an authoritative DNS service to its direct customers; this step only applies for those records delegated to CloudFlare. If you’ve enabled CloudFlare via a hosting partner or CNAME setup, your DNS is controlled elsewhere. If the attacker is attacking your server directly, then you may need to sign up directly through CloudFlare and restart at Step 1.


5. Do Not Rate-Limit Or Throttle Requests From CloudFlare IPs

CloudFlare acts as a reverse proxy, so all connections come from one of their IPs. It’s important to ensure your server accepts connections from Cloudflare at all times. CloudFlare IP ranges are listed at cloudflare.com/ips , and the page includes links to simple text files intended for machine parsing. CloudFlare adds any new ranges to the public list at least one month before the new range is used, and uses many methods to publicize new ranges.


How to Stop DDoS Attacks Protect Against DDoS Attacks‎


6. Block Specific Countries And Visitors

CloudFlare’s threat control feature lets you block IP addresses and set challenges for entire countries. Once you add an IP or country, the security rule will take effect within two minutes, offloading that traffic to your server. To decide which country or IPs to add to the IP firewall, check your log files or follow the steps noted below. You can find the IP firewall in the IP Firewall section of the CloudFlare interface.


How to Stop DDoS Attacks Protect Against DDoS Attacks‎

If your site is still offline after completing these steps, or if you want to take additional security safeguards, please continue to the next step.


7. Ask Your Hosting Provider For A New Server IP

If you have already completed all of the steps outlined above and you’re still asking yourself how to stop a DDoS attack, then the attacker likely has your origin server IP. You will need to contact your hosting provider, ask them to give you a new origin IP, and then update it within your CloudFlare DNS settings page. Here’s what to tell your web host:


How to Stop DDoS Attacks Protect Against DDoS Attacks‎

Once you have the new server IP address, make sure you update the IP in your CloudFlare DNS Settings page. With CloudFlare enabled for all web records, it’ll help mask your server’s IP address so the attacker can’t get the new one.


I hope you enjoyed this article.




Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Stay Connected

Popular Posts

Get Latest Stuff Through Email


Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..