A DDoS attack is surprisingly easy to carry out and affects millions of websites worldwide every year, with the number of attacks rising.
Suffering DDoS attacks may seem like an inevitable side effect of being online; the more successful your site, the more likely it might seem that you’ll be the target of an attack at some point. But you can reduce the chances of a DDoS attack affecting your site.
You might be wondering: What is a DDoS attack? And how can I protect my site from them?
In this post, we’ll explain what DDoS attacks are, explore what might make your site vulnerable, and outline the ways you can reduce their probability and impact.
What is a DDoS Attack?
Let’s start by examining exactly what a DDoS attack is and, importantly, what it is not.
DDoS stands for distributed denial of service but is often referred to as a simple denial of service. A DDoS attack consists of a website being flooded by requests during a short period of time, with the aim of overwhelming the site and causing it to crash. The ‘distributed’ element means that these attacks are coming from multiple locations at the same time, as compared to a DoS which comes from just one location.
If your site suffers a DDoS attack, you will receive thousands of requests from multiple sources over a period of minutes or sometimes hours. These requests aren’t the result of a website suddenly getting a spike in traffic: they are automated and will come from a limited number of sources, depending on the scale of the attack.
In the screenshot below, you can see the sudden spike in requests received by a site when it’s subject to a DDoS attack.
A DDoS attack isn’t the same thing as hacking, although the two can be linked; the perpetrators aren’t attempting to access your website’s files or admin, but instead, they cause it to crash or become vulnerable due to the volume of requests. In some cases, this will be followed by attempts to hack the site when it’s vulnerable, but in the majority of cases, the aim is simply to make the site stop working.
It may sound as if there isn’t any way to avoid a DDoS attack: after all, if someone decides to flood your site with requests, there isn’t much you can do to stop them.
But although you can’t do much to stop someone attempting to damage your site with a DDoS attack, there are steps you can take to ensure that if you are subject to an attack, your site won’t cease working and it won’t be vulnerable to hacking.
We’ll cover those steps later in this post, but first, let’s examine why someone might want to mount a DDoS attack on your site.
Why Would Someone DDoS your site?
So why would someone mount a DDoS attack on your WordPress site? What could they have to gain from it?
There are many reasons why an attacker might want to put your site out of action
This article was written by Rachel McCollin and originally published on Blog – Kinsta Managed WordPress Hosting.