We at VPSBG are excited to announce that we are now using StormWall DDoS protection for our powerful and reliable cloud VPS and VDS servers.
Offering Advanced attack filtering, our new and improved DDoS protection is capable of stopping extremely large volumetric attacks due to its 8 Tbit/s max filtering capacity! Not only that, but it also comes equipped with HTTP flood web protection, eliminating fake traffic before it even reaches your cloud server in order to keep your website safe at all times!
Additionally, if the connection does happen to drop, you will be automatically connected to another point of presence in order to ensure a smooth and uninterrupted experience for you and your users. Moreover, our new DDoS protection does not use NAT tunneling, meaning better security, an unlimited number of TCP/UDP ports and zero added latency!
What is a DDoS Attack?
A DDoS attack, short for distributed denial of service, is essentially an attempt to overwhelm a given network or server with an excessive amount of fake traffic. By overloading the system with concurrent requests, the server or network then begins to struggle to keep up, usually resulting in unplanned downtime, making any websites or applications hosted on the server/network impossible to load for real users, potentially damaging your reputation and losing you clients or sales in the process.
The attacks usually happen through a coordinated network of compromised devices, referred to as a botnet, which when prompted start flooding the designated server or network with requests.
Types of DDoS Attacks
Seeing as how DDoS defenses have improved over the last decades, it’s not surprising that DDoS attacks are also becoming more complex. In general, they can be split into the following categories.
Volume-based attacks
The traditional, most common type of DDoS attack is the volume-based one, which utilizes a large volume of traffic in an attempt to overload the server or network. Common techniques with such attacks include UDP, ICMP and SYN flooding and they are most effective against networks with limited bandwidth or inefficient processing power or less server resources.
Resource exhaustion attacks
Speaking of resources, the second DDoS attack type aims at exactly that - consuming a vast majority of the target’s resources like CPU power, memory and bandwidth. The most prominent techniques for this type of attack include HTTP flooding, DNS amplification and SSL/TLS attacks. This overloading of the server’s resources makes it impossible for real users to access the server, resulting in server errors, unexpected downtime and potentially a loss of clients or sales, as we previously mentioned.
Reflection and amplification attacks
The next type of DDoS attacks utilizes the amplification factor of given protocols in order to expand the attacking traffic, which makes it really difficult to mitigate. Some popular methods of such attacks include DNS, NTP and SSDP reflection attacks. What makes this particular type of attack so powerful is that it can practically generate a substantially larger volume of fake traffic.
Application layer attacks
Finally, we have application layer attacks, which exploit vulnerabilities and backdoors in specific applications or protocols. Most prominently, they utilize HTTP GET floods and slowloris. However, these attacks can be quite dangerous due to the fact that they actually target and utilize the application itself rather than the network or server, making them more than capable of causing significant damage. This is why it’s important to not only keep your software up to date, but also to ensure that the DDoS protection also covers the application layer.
Popular DDoS protection techniques
There are quite a number of divergent techniques that have been developed in order to be able to combat the different types of DDoS attacks.
At the network layer, there are techniques like rate limiting, packet filtering and deep packet inspection that are all designed to spot and block fake traffic before it reaches the server or network. This is done by looking for specific traffic patterns, IP clusters and weird activities.
At the application layer, things are a bit more complex, due to the fact that in order to protect a given application or protocol, you need a response method that is specifically designed for their vulnerabilities.
At the DNS layer, methods for discovering and stopping DDoS attacks include DNS filtering, load balancing and DNSSEC, which are used to encrypt and verify the authenticity of DNS records while also distributing the traffic across a number of different servers in order to reduce the impact of the attacks.
How we implement our new DDoS protection
Our new and improved DDoS protection comes in the form of DDoS-protected floating IPs, making it extremely easy to protect your server by just purchasing and attaching an IP directly to your cloud instance.
To do this, simply log into the VPSBG Console by entering your email and password. From there, navigate to the Networking tab from the side menu and click on the Floating IPs button.
Next, click on the Order Floating IPs button. This will take you to the IP ordering page.
IMPORTANT: Our traditional and DDoS-protected floating IPs share the same pool, meaning that each account has a maximum of 64 combined floating IPs that can be purchased. For example, you can have 14 DDoS-protected IPs and 50 normal floating IPs. If you wish to extend the limit, please contact us.
Once you have selected the amount of IPs that you’d like to purchase, you will see that there is an option to directly attach your IPs to a given server. Doing this will automatically align the billing cycle of the IPs with that of the server so that you don’t have to worry about manually renewing your new IPs.
This option will however attach all of your IPs to the selected server. If you wish to attach them to a different service, you can leave the box unchecked and then manually distribute your IPs across your desired servers.
Once you have purchased your floating IPs, you will also notice that you will have a new option available - Manage Protection, which you can use to manage your DDoS protection. Some example features include blacklisting, whitelisting and geo filtering, which can help you manage traffic from particular countries. For a more detailed look at our protection management options, you can take a look at our DDoS protection tutorial from our documentation.
Why we chose StormWall
But why did we choose StormWall? A question that was answered really quickly once we made the switch.
To begin with, StormWall offers real-time information about each attack, offering a detailed analysis including the type, scope and behaviour of each targeted malicious action, allowing us to have a better understanding of attack patterns and allowing you to also have a much more in-depth look at who and when is attacking your applications.
Their API is also a very crucial point for us, enabling easy service management and a programmatic, automated system that comes with a plethora of different benefits including faster loading times, better user experience and improved network performance with reduced congestion.
The high filtering capacity and their global coverage also makes it possible to detect attacks much faster with improved accuracy, reducing false positives along the way and guaranteeing zero downtime during attacks.
Another important benefit of StormWall is their responsive and reliable support team, offering external assistance when needed, ensuring that your applications are protected at all times.
We are more than delighted to embark on this journey together and combine our success stories because this partnership will help us further improve our security.
