A single hacker took down the HootSuite service in a DoS attack on March 20 2014. That’s the scariest part of the whole story. One hacker disabled a major online service. Here’s what you need to know about the difference in a DoS and a DDoS attack and how to protect your site.
CEO of HootSuite, Ryan Holmes, responded to users stating, “While HootSuite users were for a short time unable to access the dashboard, service has now been restored, and no customer data was compromised.”
They identified the attack as, “A malicious user attempted to flood our services with traffic in order to shut down the system.”
DoS and DDoS and DrDoS
While there are several different types of attack methods, the results are the same. A server is overwhelmed with requests to the point that it either fries or gets shut down. Either way, it becomes unavailable for a time.
But, it’s important for you to at least know the basics of the different attacks because it will help you protect your site.
This is especially important if you are on shared hosting.
Think of your files existing in an apartment building in a section of town. If everyone in your neighborhood gets serious about security, the whole neighborhood is safer.
DoS – Denial of Service – a single attacker, from a single IP address floods a server with incoming requests.
DDoS – Distributed Denial of Service – an attack is generated from a botnet that uses multiple IP addresses.
DrDoS – Distributed reflective Denial of Service – one computer can now act like 100 computers in a DDoS attack. This is the scariest attack type of all. Multiple IP addresses are generally used.
There are even more attack types, like Brute Force and Amplified DNS. And they all look like a DDoS but have a different purpose, which is to hack into sites and servers and do bad things to them.
What You Can Do
Get serious about site security. If one attacker can take down HootSuite, what can a whole botnet do to the server your site is on?
Read this DDoS Attacks, Brute Force Attacks, and Site Security and take action. Multiple scanning and test tools are near the bottom of the post.
Use a superior backup strategy.
Get my free report How to Backup Your WordPress Site with 14 rated backup and storage solutions, plus info on setting your backup intervals and more.
BackupBuddy (aff link) is what I use on BlogAid and all client sites. And I store the files on Amazon S3 (AS3).
The bottom line is that you get proactive about security and keep your site safe.
I stand ready to help you with your site. Contact me and let’s have a chat to map out a plan for you.