Online businesses put hours of hard work into maintaining websites. Building an e-commerce site is a significant undertaking that needs protection against hackers. A Denial of Service, or DoS, attack can cripple an e-commerce website, causing revenue losses that a small business may not be able to absorb. A DoS attack occurs when hackers flood a website with a plethora of requests, often through the use of a botnet, or network of malware-infected computers. Overwhelmed by the massive amount of incoming traffic, the website grinds to a halt, making it impossible to access. A Denial of Service attack can bring a website down for a week or longer.
Why launch DoS attacks? Hackers sometimes use Denial of Service attacks as protests, either because a website proclaims a message they disagree with, or has connections to organizations the hackers deem undesirable. Other hackers use the threat of a DoS attack to extort money from a company. Launching an attack “for the lulz” (for the laughs) is another possible motivation.
Lowering Your DoS Risk
Reducing your website’s Denial of Service attack risk is like burglar-proofing your home. Make a break-in as difficult as possible for burglars, and they’ll probably look for a softer target, although if someone really wants to break into your home, they’ll find a way. The same philosophy applies to DoS attacks – protect yourself as much as possible, and hope the hackers will target weaker prey.
Keep all software up-to-date with the latest patches. This includes all applications data, your email server, operating system, DNS server, and web server. Older versions of software have vulnerabilities that hackers can exploit.
DoS Attacks and WordPress
Since WordPress is the most popular CMS nowadays, it naturally attracts lots of DoS attack risks. What you can do to make your site’s life safer is keep your WordPress version updated at all times and install a plugin that will help you if or rather when a disaster strikes. Having that said, let’s take a look at a few options available out there.
Monitor at All Times
Unless you monitor your system, you won’t recognize an attack until it’s too late. Monitoring software provides you with baseline information about web traffic, protocols, peak activity times, and other important information. Monitoring software can alert you to sudden or suspicious changes in website activity, allowing you to catch a DoS attack in its early stages.
Contact your service provider, and see whether they have any contingencies in place to protect against DoS attacks. Strong fiber connections help service providers withstand the enormous increase in traffic that occurs during an attack.
Backup
You should also consider arranging for a backup Internet provider. After all, a DoS attack aimed at your Internet provider can affect you just as much as an attack aimed directly at your website. Arranging an alternate Internet provider ahead of time helps you get your website back up and running with the least possible down time. Backup servers are recommended for essentially the same reason: if your main server goes down, you can switch to a standby server.
Of course, most websites worry more about lack of traffic than about the tsunami of web requests that accompany a DoS attack. WebpageFX Internet company services help businesses optimize their sites for better search results and increased web traffic.
This guest blog post was written by Michael Mcgrath who specializes in online security issues and WebpageFX Magento.
