IONOS DDoS Defense Mechanism

A Distributed Denial of Service (DDoS) attack involves overwhelming a target system by inundating it with a massive volume of requests from a network of distributed computers. The goal is to incapacitate the target, making it unresponsive or inaccessible. These target systems can include websites, applications, or networks.

Cybercriminals employ sophisticated strategies to execute these attacks, primarily categorized as:

1. Bandwidth Overload

This technique overwhelms the network interface of the target system, saturating its bandwidth and rendering it unreachable. The attack focuses on exploiting connection devices and network capacities.

2. System Resource Overload

This approach targets a system’s available resources, such as a web server’s capacity to establish connections. By sending an excessive number of invalid requests, attackers exhaust the system’s resources, making it incapable of serving legitimate requests.

3. Application-Level Attacks

Such attacks exploit vulnerabilities in specific software or operating systems, potentially causing software errors or system crashes. Examples include:

• HTTP Floods: Overloading a login page with excessive requests.
• WordPress Pingback Attacks: Exploiting WordPress pingback functionality to send fake requests that amplify traffic to the target system.

DDoS Protection Solutions by IONOS

IONOS offers robust DDoS protection tailored to different types of products:

1. Client-Managed Products

• Products: Dedicated Server, Virtual Server Cloud, VPS, Cloud Server
• Solution: Global Scrubbing Platform (GSP)
• Focus: Protection at the network and transport layers (OSI layers 3 and 4)
• Defends Against: Volumetric, UDP, and TCP attacks

2. Products Managed by IONOS

• Products: Shared Hosting, Managed WordPress, Managed Nextcloud
• Solution: WebShield
• Focus: Protection at the application layer
• Defends Against: HTTP/HTTPS overload attacks

Enhancing DDoS Protection: Best Practices

Although IONOS provides strong automatic DDoS protection, customers can take additional measures to enhance server security:

Firewall Configuration

• Open only the necessary ports and restrict them to required protocols.
• Prevent unauthorized access and mitigate attack vectors by customizing firewall rules.

Regular Software Updates

• Keep operating systems and applications up-to-date with the latest security patches.
• Use tools like apt-listchanges or apticron for automated update alerts on Linux systems.

Intrusion Detection Systems

• Deploy intrusion detection systems (e.g., Tripwire, Aide, Psad) to identify and respond to attack attempts in real-time.

Application-Level Protection

• Implement IP reputation monitoring, CAPTCHA systems, rate limiting, and whitelisting to defend against HTTP floods and similar attacks.

Access Restriction

• Limit server access to authorized users only, reducing exposure to potential threats.

Backup Strategy

• Maintain a robust backup strategy to ensure data recovery in the event of an attack.

Utilize a Content Delivery Network (CDN)

• Distribute traffic across a CDN to absorb volumetric attacks targeting bandwidth overload.

Contact and Support

If you require further assistance or have questions about your DDoS protection, please contact IONOS Customer Support. For additional information on securing your server, consult the following articles:

• Protecting data and end devices with a suitable backup strategy
• Information on network issues and their resolution

Taking proactive measures and leveraging the advanced protection provided by IONOS can significantly mitigate the risks associated with DDoS attacks.