The issue of security has always been the most sensitive for owners of online stores. This topic is rather difficult, but we will try to highlight it. Let us review how to prevent DDoS attacks to your site and what it is.
What DDoS attack means and what purpose of it
eCommerce business is one of the most profitable spheres. You have neither a rental fee, nor troubles with the vast rooms’ searches and many other advantages. But some factors are not changed based on the business you have. For example, one of them is competitors.
If you have a very young, but successful Magento store which is being developed dynamically, provides customers with the different unique products and polite service with the quick delivery, you should be ready to become a victim of your competitors. It was and it will be and it is a wonderful way to keep yourself in a good shape and lead your store to the correct direction for many business men. Unfortunately, the methods of competition in the Internet are no less cruel than in a real life.
Say, DDoS attack which is done with the purpose to make a certain site or even server down. The easiest scheme looks like this:
1. An attacker who wants to disrupt the performance of your site infects computers of the potential bots via his computer. These people may not know that their machines are infected at all, thus they will not suspect anything and know that they are the part of one’s scheme.
2. After this he sends unreal requests which are processed by the online store anyway to your site using these computers. Here the cruelty begins. Many servers have a certain barrier after which they can’t cope with the requests quantity and can be down.
3. So, it is clear that the site will not be working and the customers will leave it. Moreover, it can be defined as maleficent by antivirus programs. You should agree that it is not a good perspective.
You can protect your Magento site from this attack.
Let us consider how to reflect DDoS-attack.
Any data which are added to your site whether it is links, requests and so on, passes the filtering using a certain server routers. It can help you to complicate the task for DDoS attackers. You should use not only one filter routing, but several. In this case, the quantity of the bots has to be increased for using and the requests have to be sent oftener. This is a significant material damage to the attacker, and loss of time, which cannot be recouped.
Also you should discuss what variants of the protection from such attacks your hosting partner has. The Black Holes filtering is often used. It is also a very effective way to stop the attack. While using it the wrong requests are sent by the Null0 address.
Upon reflection of this attack, it is important to secure yourself; otherwise a second time can be much more complicated. For this, many experts advise to use input filters directly on the site. It can be the line ip verify unicast reverse-path
This line should be written in the interface of the incoming data stream to an online store.
Many Magento experts consider that DDoS is a challenge for all the Internet society. Nowadays there are a big number of Magento extensions which allow protecting the site. But you should remember that the attackers do not sit on the ground and come up with new variants of the websites attack every day.
Please leave your comments how to protect yourself and your site from DDoS attack and also ask GoMage specialists the questions regarding security.