A. You use a third-party hosting services.
Actually, if you use a third-party hosting services either paid or free, you do not need to bother with DDoS attacks since most servers hosting you live normally used for hosting many sites.
So the hosting server administrators are struggling to monitor the viability of the server hosting and ward off all attacks including DDoS to the server. Otherwise he wills potentially being chased by ‘compatriot’ owners is hosted site if the server is down or the server hosting the problematic due to DDoS.
Some important things to consider when doing the hosting third party are:
- Thorough choosing a hosting provider.
If you DDoS a concern. In choosing hosting must not choose a cheap hosting or promises many facilities , but you must choose a capable administrator who has to manage and protect your site well and have a strong infrastructure in hosting ward .
Size and experience of the hosting provider you can also make one of the considerations. As an illustration, if the hosting provider has experienced a dozen and managing large sites (which you should check first with the truth using urlquery) is certainly more than you treasure new hosting provider with profile sites maintained less.
One of the things that often happens in the logs hosting (shared hosting) is hosting cross vulnerability where, even though you have secured your hosting account well and cover vulnerabilities that exist, but because of other users on the server hosting services that you do not occupy the same and successfully taken over by an attacker, then the site you could have infiltrated manage unwanted file hosting server administrator if you do not cover up this weakness.
- Being a good citizen shared hosting.
In addition to choosing a reliable hosting provider, do not forget to also look inward to shared hosting a good citizen. As good as any hosting you choose , if you are adding a script software / services like Bulletin Board or wordpress shopping carts mean PR ( homework ) you more and more.
The more scripts or software that you install on your hosting will result in more and more vulnerability that arises from these scripts should be monitored and closed (patch) whenever discovered. And job security gaps cover the additional scripts that you plug you’re hosted hosting is the user's responsibility and not the responsibility of the hosting server administrator.
If you do not cover the security hole well and succeeded in breaking your account than you may be embarrassed or suffer financial losses due to hosting you are distracted, another hosting account might be compromised because of your negligence.
In addition, if the site that you manage to get access tremendous burden both for normal access because the site you are amazingly popular or being attacked by DDoS hosting and administrators are not able to handle this, most likely you will be asked to move because the server hosting server hosting which will result in a shared hosting down another come down.
B. If you manage your own hosting server.
If you manage your own server hosting (co - location) or something you really have to deal with many forms of attack, and one of them is DDoS. The basic formula to survive in the internet is always to follow the latest developments vulnerabilities of the operating system and software that you use on the hosting server and always patches regularly. So this is a game of stamina, proverbial marathon and not a sprint.
So the administrator shall maintain the hosting server hosting server (and other computer system) and in doing continuous lifetime hosting server. Not once installed and then leave it running. To know the weaknesses of the hosting server, you can use the Web Application Vulnerability Scanner such as Burp Suite, Contrast (commercial) or Grabber, Wapiti, Vega (Open Source).
In anticipation of DDoS attacks, in front of your web server you can just install the anti-DDoS device or firewall applications that are widely available commercially and open source version.
0 comments:
Post a Comment