DDoS attacks have become one of the most common disastrous attacks on the Internet. The number of attacks along with their size and intensity has increased substantially: in the space of just last year 57% rise in total DDoS attacks have been reported. That is why we want to share with you some of practical tips to defend against DDoS attacks and actions worth taking while experiencing the attack to minimize losses:

1. One of the well-known approaches to handling DDoS attacks is over-provisioning. In order to scotch the attack and reduce its impact on your clients you need to provision for far more traffic than you usually expect to receive. How much should be enough? Estimate the largest amount of traffic that you have ever had, multiply it by ten and adapt your hardware infrastructure to cope with this level of traffic. It will make much more difficult for an attacker to generate enough traffic to bring down your company’s network.

2. If you are experiencing DDoS attack you need to consider disconnecting from a network. It will result in taking your business off-line and cutting off access to all your products and services but at the same time it will prevent from further utilizing network resources.

3. Additionally, you can perform DNS redirection by changing an “A” record which provides servers with the IP address of your domain. Keep in mind that you have to notify your clients about it so they can enter new IP address in order to keep using services of current network provider. This method is as effective as quickly DNS propagation is proceeded. It may take even a few hours and often requires a direct contact with a hosting service provider.

4. IP addresses are cached by servers around the world for a specific period of time (measured in seconds) which is known as “Time to live” (TTL). Usually, default TTL value is 86400 seconds (24 hours), which may be far too long if you are under DDoS attack. You can reduce losses by controlling TTL value: the shorter TTL value, the quicker you will be able to redirect all web site requests to a new IP address. You need to, however, bear in mind that shorter TTL value means more frequent requests which, in turn, increases the load on your DNS host.

5. Changing DNS or even migrating to another server may be not sufficient to completely resolve the problem. If an attacker finds out what your intentions are, the attack will be redirected to a new target and everything may start all over again. Therefore, it is also worth giving some thought to cloud-based traffic scrubbing services which are able to quickly filter out malicious software from data stream. Data cleansing service providers are the first line of defence against high-volume DDoS attacks – they have sufficient bandwidth and proper tools to filter network traffic which stems DDoS packets within the cloud and pass normal traffic to the company network.

6. You may also take into consideration some additional services, such as CloudFlare. They monitor network traffic and collect data that are used as a basis to assess the risk of possible attacks. Thanks to this, each attack attempt is thwarted before it does any damage. What is more, in case of a serious attack, they are able to restore a webpage and revert back any negative changes using previously made backup files. This way, users may not even notice the malfunction.

Destructive power of DDoS attacks cannot be disregarded. Every company needs to ensure its sustained operation and resource availability by remaining vigilant and taking all possible measures to mitigate the risk of being hit before it happens.

And so it happened. Today we finished the first phase of the plan through reorganising our whole server and network structure, and applying security improvements. That will result in minimization the risk of downtimes and interruptions in the delivery of services. But most importantly, we finished the massive update of all the modules to implement a far better license verification mechanisms. In this way, even if the licensing servers are down, the proper work of your modules will not be interrupted.

To benefit from the mentioned improvements you will need to upgrade your modules. To do so, simply log in to our client area, download the latest versions released today (29.08.2014) and follow this simple instruction.

Please note, that you do not have to update the modules, but it is highly recommended.  In case you do not update your modules, we can not guarantee you the adequate stability at the time of serious server failures. However, they will work correctly. The decision belongs to you but we are convinced that there is no reason to postpone this task.

Soon, we will implement additional improvements like for example secure message system into our ticket system. It will further enhance the safety of your valuable data provided in the tickets. We will keep you posted.