DDoS attacks, also known as distributed denial of service attacks, use the client/server technology to combine multiple computers as attack platforms to launch DDoS attacks on one or more targets, thereby doubling the power of denial of service attacks.

Anti-ddos is a system engineering, attack patterns, high cost of defense and more bottlenecks, defense is passive and helpless. DDOS is distributed, targeting bandwidth and service attacks, namely, four-layer traffic attacks and seven-layer application attacks. The corresponding defense bottleneck is bandwidth at layer four and throughput at layer seven. For layer 7 application attacks, we can also do some configuration to defend, for example, the front end is Nginx, mainly use Nginx http_limit_CONN and http_limit_req modules to defend. The ngx_HTTP_limit_conn_module can limit the number of connections for a single IP address, and the ngX_HTTP_limit_req_module can limit the number of requests per second for a single IP address. Limiting the number of connections and requests can effectively defend against CC attacks.

What should I do if I am attacked or how can I prevent it?

1. Intelligent analysis of big data

In order to construct a large number of data streams, hackers often need to construct request data through special tools, which do not have some behaviors and characteristics of normal users. To counter DDoS attacks, legitimate users can be modeled based on massive data analysis, and the fingerprint features, such as Http model features, data sources, and request sources, can be used to effectively whitelist request sources, so as to achieve accurate cleaning of DDoS traffic.

2. Use a high defense server

This may be a relatively simple way, generally now IDC service providers provide high defense server to help enterprises resist all kinds of traffic attacks, its principle is also very simple, is to add a layer of protection to the server, in the face of attack can resist the attack. Generally speaking, the high defense server can withstand at least 50 G of attacks, and can regularly scan nodes, is a very good means of protection.

3. Resource isolation

It can be regarded as a protection shield for user services. This protection system has extremely powerful data and traffic processing capacity, and filters abnormal traffic and requests for users. For example, in response to Syn Flood attacks, the defense shield responds to Syn Cookie or Syn Reset authentication and authenticates data sources to filter forged source packets or power attacks, protecting the server from malicious connections. The resource isolation system focuses on layers 3 and 4 of the ISO model.

4. Choose Professional security service provider Warner Cloud, a well-known IDC brand, APNIC and ARIN member unit. We are committed to Hong Kong and overseas data center basic business development, to provide enterprises and developers with high-quality US/Hong Kong server, US/Hong Kong cloud server, Hong Kong high defense server, high defense IP, cabinet rental and cloud virtual host and other products and services. We continue to expand data centers, cabinets, power and bandwidth resources in Hong Kong, Southeast Asia, Northeast Asia and North America, and resident technicians in data centers for 7*24H, with extremely fast BGP redundant network, CN2 GIA home line and more than 10 years of skills and experience. Help companies transform, compete and climb the business ladder on a global scale.