Website DDoS Protection

Can your website handle a dramatic increase in traffic? What about 100 times the traffic?

That's what happens when a DDoS (Distributed Denial of Service) attack is targeting your website. They will exhaust your CPU, memory and bandwidth before you can even react. The impacts will range from less severe issues like down time, to getting banned by your host for Terms of Service (ToS) violations. This doesn't account for the economic impacts to your business (i.e., downtime = no purchases, no availability).

$19.98/month

Block Hackers

Brooklyn • US • Home of Sucuri's
AJ - Jr. Graphic Designer

Blocking Layer 3,4 and 7 Attacks

Sucuri’s DDoS Protection & Mitigation service can detect and block all types of DDoS attacks. We are specialized in handling layer 7 (HTTP-floods), but our service also covers all layer 3 and 4 variations:

We are familiar with many attacks and environments

  • TCP SYN Floods
  • TCP FIN Floods
  • TCP RST Floods
  • HTTP GET Floods
  • HTTP XMLRPC PingBack attacks
  • TCP Fragment attacks
  • Amplified NTP DDoS
  • Slowloris
  • TCP Syn Spoofed
  • ICMP Floods
  • HTTP Post Floods
  • HTTP HEAD Floods
  • Brute Force
  • UDP Floods
  • TCP Ack Floods
  • DNS NXDomain Floods
  • Bundled attacks
  • HTTP Cache bypass
  • HTTPS SSL Saturation
  • Amplified DNS DDoS
  • As well as other attacks

Understanding a [Distributed] Denial of Service (DoS / DDoS) Attack

Denial of Service (DoS) attacks and Distributed Denial of Service (DDoS) attacks are the same thing, only thing differentiating the two is scale. Single DoS Attacks come from one source, while DDoS (distributed) attacks, come from multiple locations, often spoofed. Our solution protects you against both types.

Whether a DoS or DDoS attack, the attacker is making use of one or more computers. DoS attacks are on the lower end of that spectrum while DDoS attacks are on the higher end of it, very large DDoS attacks can span 100’s if not 1,000’s of systems. The proliferation of DoS/DDoS attacks are directly attributed to the proliferation of DDoS-For-Hire service market, also known as Booter Services.

An attacker that is leveraging a Denial of Service (DoS) attack method has one goal in mind, to disrupt your websites performance. They disrupt your website performance by making it slow to respond to legitimate requests or disabling the website entirely, making it impossible for legitimate users to access your website. This type of disruption, depending on your configuration, can be devastating to your business.

There are three main DDoS / DoS attack types:

Each of these attacks types are designed to consume your web server resources, in one way or another and each have the same outcome - your web server / website slow to a halt or crash.

  1. Volume Based DoS Attacks

    As the name implies, this type of attacks depends on volume. The attacker employs a basic tactic, more resources wins this game. If they can overload your resources, they win. For most everyday website owners, this is an easy win. Most website owners are leveraging everyday Shared hosts and those with VPS environments are often configured in the smallest tiers and configurations.

  2. Protocol Based DoS Attacks

    The internet is all based on protocols, it's how things get from point A to point B. This type of attack can include things likes Ping of Death, SYN Flood, Packet modifications and number of other variations.

  3. Application Layer Attacks

    The basis for this attack is often targeting applications like Web Servers (i.e., Windows IIS, Apache, etc...), but more and more we're seeing this type of attack evolve to application platforms like WordPress, Joomla and other similar applications.

Sucuri Website Firewall Protects Against DDoS / DoS Attacks

There are a number of DoS / DDoS attacks that we, Sucuri, deal with on a daily basis. These are the ones that the Sucuri Website Firewall will protect your website against:

  1. HTTP Flood Attack

    This type of Layer 7 application attack happens when an attacker makes use of standard GET / POST requests in effort to overload your web servers response ability. This attack is also known as a volumetric attack, it doesn't require malformed packets, spoofing or any variation of reflection techniques. This attack can occur over HTTP or HTTPS and is much easier to implement, making them the much preferred attack method, cheaper too, for a lot of booter services targeting websites. They can generate thousands of requests a second.

  2. Simple Service Discovery Protocol (SSDP) DoS Attack

    The Simple Service Discovery Protocol (SSDP) is often used for Plug & Play (UPnP) devices, and it was only in 2014 that we started to see DoS attacks leverage this protocol. It's a relatively new attack vector for DoS attacks. It often targets traditional SSDP ports, (1900) and destination port 7 (echo). It's a form of a UDP attack, which unlike SSDP is more common. The latest reports show that SSDP attacks have the ability to increase the amplification of the attack by 30 times which might explain why it's being employed.

  3. User Datagram Protocol (UDP) DoS Attack

    The User Datagram Protocol (UDP) DoS attack will flood various ports on your web server, randomly, with packets - also known as Layer 3 / 4 attacks. This forces the web server to respond, in turn chewing through your web server resources forcing it to come to a halt or die completely. UDP is a connection-less protocol, meaning it doesn't validate source IP addresses. It's because of this that UDP attacks are often associated with Distributed Reflective Denial of Service (DRDoS) attacks.

  4. Domain Name Server (DNS) Amplification DoS Attack

    DNS Amplification DoS attacks are very popular today, they occur at Layers 3 / 4. They make use of publicly accessible DNS servers around the world to overwhelm your web server with DNS response traffic. Your web server is overwhelmed by the influx of responses in turn making it difficult to function as it's resources are depleted, making it impossible to respond to legitimate DNS traffic.

Website Firewall Advantages for Hack Prevention

  • Global, distributed network with 28 points of presence
  • Protection from all types of vulnerability exploits
  • No limit on attack size
  • Uptime guarantee
  • Use of anycast for both DNS and TCP
  • Expertise from restoring over 1 million businesses
  • Predictable pricing; pricing not based on attack size
  • Legitimate traffic can still access your content

$19.98/month

Block Hackers

WHY SUCURI?

Thought Leaders in Website Security

Sucuri has been involved specifically in the website security space over 6 years, analyzing what attackers do and how they do it. This knowledge is at the core of how the technology is built.

Simple Deployment

There is no installation required, the technology is quickly enabled via the Sucuri dashboard and at the DNS level. Changes can be made via an A record switch, or full DNS management.

Active Vulnerability Research

Sucuri’s research is second to none when it comes to vulnerability exploit attempts. Our research is widely distributed and syndicated across all major media and security outlets.

Enterprise Affordability

Budgets are tight, demand is high. Sucuri has the luxury of size and youth, we bring the right level of enthusiasm, adaptability, and technology to the enterprise website security game.

Brooklyn • US • Home of Sucuri's
AJ - Jr. Graphic Designer