What is a Denial-of-Service (DOS) Attack?
Simple. An attacker sends spurious traffic to your server. The server gets busy dealing with that useless traffic. The genuine users of your server get an error.
How do we protect availability against a DOS Attack?
Protecting 24/7 availability against a Denial-of-Service (DOS) attack is relatively straightforward compared to a DDOS attack. We can use a combination of the following. Most of these solutions are free and easy.
- If you have a choice, select a reputed service provider that includes free DDOS protection (no need for a paid option unless you have a DDOS problem).
- Use a reputed, free CDN (no need for a paid option unless you have a DDOS problem).
- Select the right webserver (e.g. Nginx or OpenLiteSpeed, probably Caddy, but not Apache) that can withstand the Slowloris attack.
- Make sure the webserver has adequate capacity. Rule of thumb: Capacity = 10x average genuine traffic.
- Do server tuning (e.g. limit the number of requests from an IP address).
- Use a Web Application Firewall (WAF).
- Use a captcha solution, if possible.
- Use geofencing, unless your business is global and needs traffic from dodgy countries!
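One way to do the server tuning item on Nginx, as an added example that is not part of the original page: per-IP request and connection limits, plus short read timeouts so that slow clients of the Slowloris kind are dropped. The zone names, rates, timeouts, paths and example.com are assumed values to tune against your own genuine traffic.

```nginx
# Added example nginx.conf; every number below is an assumption to tune.
events {}

http {
    # Behind a CDN or proxy, $binary_remote_addr is the proxy's address.
    # Restore the client address first with the realip module
    # (set_real_ip_from / real_ip_header), or all visitors share one bucket.

    # Shared-memory zones keyed by client address. nginx documents about
    # 16 thousand 64-byte states per megabyte of zone.
    limit_req_zone  $binary_remote_addr zone=req_per_ip:10m   rate=10r/s;
    limit_req_zone  $binary_remote_addr zone=login_per_ip:10m rate=30r/m;
    limit_conn_zone $binary_remote_addr zone=conn_per_ip:10m;

    # Reply 429 instead of the default 503 so throttling is
    # distinguishable from a real outage in logs and monitoring.
    limit_req_status  429;
    limit_conn_status 429;

    # Drop clients that trickle headers or body (Slowloris-style).
    client_header_timeout 10s;
    client_body_timeout   10s;
    send_timeout          10s;
    keepalive_timeout     15s;
    reset_timedout_connection on;

    # Bound what a single request can make the server buffer.
    client_max_body_size 1m;

    server {
        listen 80;
        server_name example.com;   # placeholder

        # At most 20 simultaneous connections per client address.
        limit_conn conn_per_ip 20;

        location / {
            # Sustained 10 r/s; a burst of 20 is served at once, the rest get 429.
            limit_req zone=req_per_ip burst=20 nodelay;
            root /var/www/html;    # assumed document root
        }

        location /login {
            # Expensive endpoint: stricter limit, small burst that is queued.
            limit_req zone=login_per_ip burst=5;
            root /var/www/html;    # assumed document root
        }
    }
}
```

Check the syntax with `nginx -t` before reloading, and watch the error log for "limiting requests" entries to see whether genuine users are hitting the limits.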