

This is one of the classic signs of a DDoS attack; however, as is generally the case in cybersecurity, this has to be put into context. For example, if you advertise a flash promotion, then you are probably hoping to see a huge spike in traffic. This means that your management team has to work closely with your IT team to keep them apprised of anything which could increase traffic to your website. Otherwise, your IT team may get inundated with false alarms to the point that they cannot detect a genuine issue until it is far advanced and causing serious problems.

Your server responds with a 503 due to service outages.

Again, this is not unique to DDoS attacks, but these events do need to be investigated. It’s therefore advisable to set up an event to email an administrator if a server ever responds with a 503 outage. If you’re running a business website, then really, you should be doing much more than just sending ping requests every so often to check that all is well. The less frequently you ping test, the more you have to rely on getting lucky to catch a DDoS attack (or any other network issue) before it reaches the critical stage. Instead, you should be using a ping-testing service to test your website continually so that you are alerted at the first signs of a problem. What’s more, many of these services allow you to fine-tune your ping testing to reflect different conditions. For example, you might want to ping your site from different regions. This can be particularly useful if you’re cloud hosting as you might have an issue in one region but not the others.

You receive multiple requests from the same IP address in a short period.

This is possibly the most classic sign of a DDoS attack, but even this is not unique to DDoS. For example, search engines use bots to crawl sites both very quickly and very frequently. This means that if you just blanket-block IPs which make an unexpectedly high number of access requests in a short period, you risk decimating your organic search results. It’s therefore advisable to use a combination of whitelisting and astute blacklisting at a granular level.

First of all, you need to whitelist the bots you do want to access your site, such as the search engine bots. Then, you need to monitor your traffic and see what insights you can gather to inform your blacklisting policy. Remember that it may take some fine-tuning to work out how to block troublesome IPs without disrupting legitimate traffic.
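The per-IP request check, the crawler whitelist and the 503 alert discussed in this article can be combined in one pass over an access log. The following is an added example, not code from the original page; the log format, thresholds, whitelisted range and function names are assumptions, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed values: a documentation range stands in for verified crawler networks.
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/24")]
WINDOW = timedelta(seconds=10)  # "short period" for per-IP counting
MAX_REQUESTS = 5                # requests per IP allowed inside WINDOW
MAX_503 = 3                     # 503 responses that should alert an administrator

def parse(line):
    """Parse 'ISO-timestamp ip status' (simplified, constructed log format)."""
    ts, ip, status = line.split()
    return datetime.fromisoformat(ts), ipaddress.ip_address(ip), int(status)

def is_allowlisted(ip):
    return any(ip in net for net in ALLOWLIST)

def analyse(lines):
    """Return (IPs to review for blocking, whether the 503 alert should fire)."""
    recent, flagged, count_503 = defaultdict(deque), set(), 0
    for line in lines:
        ts, ip, status = parse(line)
        if status == 503:
            count_503 += 1
        if is_allowlisted(ip):
            continue  # wanted bots crawl fast; never rate-flag them
        hits = recent[ip]
        hits.append(ts)
        while ts - hits[0] > WINDOW:  # drop requests older than the window
            hits.popleft()
        if len(hits) > MAX_REQUESTS:
            flagged.add(str(ip))
    return flagged, count_503 >= MAX_503

def sample_log():
    """Constructed log: a fast whitelisted crawler, a burst source, a normal visitor."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    stamp = lambda s: (base + timedelta(seconds=s)).isoformat()
    lines = [f"{stamp(i)} 192.0.2.10 200" for i in range(8)]
    lines += [f"{stamp(i)} 203.0.113.7 {503 if i >= 5 else 200}" for i in range(8)]
    lines += [f"{stamp(60 * i)} 198.51.100.23 200" for i in range(4)]
    return sorted(lines)  # ISO timestamps sort chronologically

if __name__ == "__main__":
    print(analyse(sample_log()))
```

Flagged addresses are candidates for review rather than automatic blocks, which leaves room for the fine-tuning the article recommends.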
