You've launched a website that is gaining page-view traction, leading to increased views per day. Congratulations! Your website is doing great. Unfortunately, that also means that more people on the internet are willing to test and toy with your content security.
You've probably heard the phrase DDoS (Distributed Denial-of-Service) attack, but do you know what it means?
As defined by Cloudflare, a DDoS attack is a flood of traffic from users who share a single behavioral profile, such as device type, geolocation, or web browser version. Attacks can be identified by a sudden surge in requests to a single page or endpoint, odd traffic patterns such as spikes at odd hours of the day, or patterns that appear unnatural.
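The signs described above can be checked against a web server access log. The following Python is an added example, not code from the original article: it buckets requests by minute and endpoint and flags buckets that are both large and dominated by one user-agent string. The log lines, the thresholds and the 00:00-05:59 "odd hours" window are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Combined log format; only the fields the check needs are captured.
LINE = re.compile(
    r'\S+ \S+ \S+ \[(?P<minute>[^:]+:\d\d:\d\d):\d\d [^\]]+\] '
    r'"\S+ (?P<path>\S+) [^"]*" \d{3} \S+ "[^"]*" "(?P<agent>[^"]*)"'
)

def make_line(ip, ts, path, agent):
    """Build one constructed access-log line (sample data, not real traffic)."""
    return f'{ip} - - [{ts} +0000] "GET {path} HTTP/1.1" 200 512 "-" "{agent}"'

# Constructed sample: three ordinary afternoon requests, then a 03:14 burst of
# 40 requests to /login, 38 of which share one user-agent string.
SAMPLE = [
    make_line("198.51.100.1", "10/Oct/2023:14:05:01", "/", "Mozilla/5.0 (A)"),
    make_line("198.51.100.2", "10/Oct/2023:14:05:09", "/about", "Mozilla/5.0 (B)"),
    make_line("198.51.100.3", "10/Oct/2023:14:05:30", "/login", "Mozilla/5.0 (C)"),
] + [
    make_line(f"203.0.113.{i}", f"10/Oct/2023:03:14:{i:02d}", "/login",
              "ExampleBot/1.0" if i < 38 else "Mozilla/5.0 (A)")
    for i in range(40)
]

def find_surges(lines, min_requests=30, min_share=0.8, quiet_hours=range(0, 6)):
    """Flag (minute, endpoint) buckets with many requests from one profile."""
    buckets = defaultdict(Counter)  # (minute, path) -> user-agent counts
    for line in lines:
        m = LINE.match(line)
        if m:  # malformed lines are skipped rather than raising
            buckets[(m["minute"], m["path"])][m["agent"]] += 1
    alerts = []
    for (minute, path), agents in sorted(buckets.items()):
        total = sum(agents.values())
        agent, hits = agents.most_common(1)[0]
        if total >= min_requests and hits / total >= min_share:
            alerts.append({
                "minute": minute, "path": path, "requests": total,
                "top_agent": agent, "share": round(hits / total, 2),
                "odd_hour": int(minute[-5:-3]) in quiet_hours,
            })
    return alerts

if __name__ == "__main__":
    for alert in find_surges(SAMPLE):
        print(alert)
```

On real traffic the thresholds need tuning against a baseline of normal requests per minute for each endpoint.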
Someone, somewhere, will have the nerve to scan your website's DNS and MX records, available and unprotected ports, host address IP history, and more. If you haven't taken the necessary steps to protect yourself before this happens, you may be out of luck!
Revealing your website's connectivity information can be deadly: if your web server's origin IP is revealed, attacks can bypass any sort of client-side packet or firewall protection, unless you've placed a hefty firewall directly on your server, controlling incoming/outgoing rulesets for internet traffic.
In order to successfully mitigate a potential DDoS attack, you have to go inside the mind of the attacker, understand your web server's structure, and have some technical knowledge of how internet traffic is routed to your webpage. I've listed the most common ports used during a DDoS attack below:
TYPE | USAGE | PORT # |
---|---|---|
UDP | Server Remote Power | 401 |
UDP | PlayStation Network | 3479/3480 |
UDP | Xbox Live Services | 3074 |
UDP | Home Networks & Routers | 19/123 |
TCP | Layer 3/4 HTTP Attacks | 80 |
TCP | Layer 3/4 AMP Attacks | 3306 |
An internet protocol handles the transfer of data over the internet, and there are a few different methods of doing so. Some of the most common methods used to date are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). You could describe these as the primary delivery source of the internet