How to defend against competitor DDoS attacks

Started by Peter, Jul 31, 2022, 04:55 AM

Previous topic - Next topic

PeterTopic starter

My Rust sales website is frequently targeted by DDoS attacks, which I suspect are instigated by a competitor seeking to benefit from the disruption. The motives for conducting such an attack could include direct extortion, attempting to further business interests, demonstrating power to third parties, or using it as a cover for other malicious activities.

To protect against these attacks, some hosting companies offer their own anti-DDoS protection, but the effectiveness ultimately depends on the resources available. When selecting a hosting provider, my requirements include SLA for handling incidents and technical issues, availability of cloud infrastructure, flexible network management with the ability to configure atypical networks, and access to modern equipment with provisions for replacing failed components. Thank you for listening!


Here's what can help against attacks
1. Get rid of Windows Server
2. Part ways with Apache
3. Use the testcookie module
4. Code 444
5. Geoban


A popular way to protect is to use the Cloudflare service. A service that will help hide your IP address and thus become inaccessible to intruders. There are both free and paid plans. You can protect your site for free not from all types of attacks. :(

Edison Duncan

In our time, the concepts of DDoS are very vague. Many people think that a DDoS attack is about sending a large number of responses to a server. In fact, there are three types, or rather levels. At the level of their understanding, protection should be built.
1. Network layer
2. Transport layer
3. Application layer.
The Cloudflare protection system works on a filtering system. This technology allows you to encrypt and filter all incoming requests to the server. Frankly speaking, this protects and at the same time loads the server.
I give you an 80% guarantee that you succumb to transport layer attacks (all game servers and some game stores are subject to them). What to do? Protect your L4 level by installing a packet flood, and for a "smart" DDoS attack, use the WAF (online firewall) function.


DDoS attack prevention and countermeasures can be classified into passive and active, as well as preventive and reactionary methods.

Preventive measures aim to eliminate the causes of DDoS attacks, such as personal grudges, competition, religious or cultural differences, among others. By addressing these factors early on, organizations can avoid the need for a DDoS attack response in the future. This approach is non-technical and managerial.

Response measures comprise technical and organizational/legal methods to actively counter the sources or organizers of an attack. Companies may even offer search services that identify both the attacker and the client.

Software and hardware solutions are now readily available to protect against DDoS attacks on different scales and for various types of organizations. From simple web servers for small businesses to complex systems for large institutions, there are many options to choose from.

Filtering methods block and reduce the incoming traffic from attacking machines, using ACL lists or firewalls. Firewall methods are highly effective but only work in private networks.

Reverse DDoS redirects traffic back to the attacker and disables their equipment, but it requires sufficient web server capacity.

Addressing system vulnerabilities and building up resources are additional protective measures. Fixing exploits and updating operating systems are examples of vulnerability management. Building distributed systems and physically distributing services across multiple data centers are also recommended.

Ultimately, the effectiveness of DDoS protection depends on proper architectural design, allowing organizations to cope with almost any type of attack.


Protecting against such attacks is crucial to ensure the smooth functioning of your business. Considering your requirements, selecting a hosting provider with robust anti-DDoS protection and advanced infrastructure is a wise choice.

When examining potential hosting providers, it's essential to evaluate their Service Level Agreement (SLA) for incident and technical issue handling. A reliable SLA will provide clear guidelines on how quickly they respond to and mitigate DDoS attacks. Additionally, the availability of cloud infrastructure can offer scalability and redundancy to handle sudden spikes in traffic during attacks.

Look for hosting providers that offer flexible network management options, allowing you to configure atypical networks to strengthen your defenses. This will enable you to customize your network settings specifically to counter DDoS attacks. Access to modern equipment and provisions for replacing failed components quickly are also vital to maintain uninterrupted services in case of hardware failures.

Carefully consider these factors when selecting a hosting provider, and don't hesitate to inquire about their specific anti-DDoS measures and track record in handling such incidents. It's important to prioritize security and resilience to ensure the stability and reliability of your Rust sales website.

Here are a few more considerations to keep in mind when selecting a hosting provider to protect against DDoS attacks:

1. Proactive Monitoring: Look for a hosting provider that offers proactive monitoring services to detect and mitigate DDoS attacks in real time. This can significantly reduce the impact of an attack and minimize downtime.

2. Traffic Scrubbing: Find out if the hosting provider employs traffic scrubbing techniques. Traffic scrubbing involves filtering out malicious traffic while allowing legitimate traffic to reach your website. This helps to maintain service availability during attacks.

3. Redundancy: Make sure the hosting provider has redundancy measures in place, such as multiple data centers in different geographical locations. This can help distribute the load during DDoS attacks and ensure uninterrupted service.

4. Security Expertise: Assess the hosting provider's expertise in cybersecurity. Look for providers that have teams of security experts who are experienced in handling DDoS attacks and implementing effective mitigation strategies.

5. Reputation and Reviews: Research the reputation and reviews of potential hosting providers. Check if they have a history of successfully mitigating DDoS attacks for their clients. Positive feedback from other customers can indicate the provider's reliability and effectiveness in dealing with DDoS threats.

6. Scalability: Ensure that the hosting provider can scale their resources to handle increased traffic during DDoS attacks. Your website should be able to withstand high volumes of incoming traffic without compromising performance or uptime.

7. Anycast DNS: Look for a hosting provider that offers Anycast DNS services. Anycast DNS distributes your website's DNS resolution across multiple servers, which helps spread the load and mitigate DDoS attacks by absorbing traffic across different locations.

8. Web Application Firewall (WAF): Check if the hosting provider offers a built-in WAF or integrates with third-party WAF solutions. A WAF can help filter out malicious traffic and protect against application-layer attacks often used in DDoS campaigns.

9. Traffic Analysis and Reporting: Ensure that the hosting provider offers detailed traffic analysis and reporting tools. This allows you to monitor and understand the nature of DDoS attacks targeting your website, enabling better decision-making and fine-tuning of your defense strategies.

10. Incident Response Team: Inquire about the hosting provider's incident response team and their expertise in handling DDoS attacks. Knowing that they have a dedicated team ready to respond quickly and efficiently during an attack can provide peace of mind.

11. Mitigation Techniques: Understand the hosting provider's approach to DDoS mitigation. Do they employ rate limiting, IP blocking, or other advanced techniques? It's important to choose a provider that employs a comprehensive set of mitigation techniques tailored to defend against various types of DDoS attacks.

12. Regular Updates and Patching: Verify that the hosting provider keeps their infrastructure up to date with the latest security patches and updates. This ensures that vulnerabilities that could be exploited by attackers are addressed promptly.