What Is a DDoS Attack?
The general idea behind a DDoS attack is to hit your website with too much traffic to handle, at which point your server will kick the bucket and stop handling requests altogether. Usually, this is done with a distributed network of computers, often called a botnet, that all send requests to your servers in an attempt to take them offline.
There are a few kinds of DDoS attacks. The most common are infrastructure-layer attacks, which use advanced techniques like SYN floods and UDP reflection. These are usually handled by your cloud provider: AWS and GCP both have built-in protection for these kinds of attacks, and will do their best to prevent them from affecting your servers. The other kind happens at the application level, where your actual website is hit with automated traffic. You can imagine this as thousands of people all hitting refresh many times a second, trying to break your server. In the real world, it’s more complicated, but the same idea applies.
Sometimes, these “attacks” can be unintentional. If your site gets linked to from a popular site, like Reddit, you may experience the “hug of death,” as visitors from the linking site flood to your servers, which may not be able to handle the unexpected spike in traffic.
Luckily, most of these problems can be fixed with better infrastructure. Content Delivery Networks (CDNs) help out immensely in stopping DDoS attacks as they happen. On top of that, most cloud providers will feature auto-scaling, which can automatically spin up new servers to meet increases in application load. This can help you prevent the hug of death effect, and makes your whole website much more scalable.
The Simple Solution: A CDN
The purpose of a Content Delivery Network is to speed up your website’s performance by caching your content around the world. A CDN is made up of many different “edge nodes,” each containing a local copy of your website that updates regularly. Most visitors will be served cached content, which takes a lot of load off of your servers.
CDNs like Fastly and Cloudflare pride themselves on stopping DDoS attacks, both by actively mitigating infrastructure-layer attacks and by providing a high-performance platform that absorbs traffic before it reaches your servers. You’ll still need good servers behind it, but you’ll be much better off with a good CDN in front of them.
CDNs are one of the easiest ways to stop DDoS attacks, and will speed up your site’s performance in the process. You can read our guide to them to learn more, or look into Fastly, Cloudflare, AWS CloudFront, or GCP’s Cloud CDN.
Set Up Auto-Scaling or Load Balancing
On most cloud platforms, you can put multiple servers behind a load balancer, which is a network device that splits traffic between them. If you have four servers, each of them will get sent 25% of the traffic that gets sent to the load balancer.
On top of allowing your website to scale horizontally and handle much more traffic, load balancers are also great for high availability. If one of your three servers goes down, your website will still be available, as the other two servers can handle the traffic while you fix the problem. This also helps against high traffic, because you can at least split the problem up into more manageable chunks.
Auto-scaling is the process of automatically increasing the number of servers you have behind the load balancer, often during times of peak load or periodically throughout the day. It’s a complicated process, including automating the creation of your servers with instance templates or containers, but once it’s set up, it will work without manual intervention.
It can be set up so that if CPU usage or another metric gets too high, a new server will be created to handle the extra traffic and bring the average load down. Once things calm down, the extra server will be deleted. This allows your network to scale up and down to meet any amount of load, and in the event of a DDoS attack that gets past your cloud provider’s defenses, it will scale up enough so that the regular users of your site won’t have their experience affected.
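The scale-out and scale-in rule described above, simulated over a traffic spike. This is an added example, not code from any cloud provider: the per-server capacity, CPU thresholds, fleet limits (including the max_servers cap) and the traffic trace are all assumed values, chosen to show how much traffic is lost while the fleet catches up.

```python
"""Added example: threshold auto-scaling behind an even-split load balancer."""
from dataclasses import dataclass

CAPACITY_RPS = 100  # assumed: requests/second one server serves at 100% CPU


@dataclass
class AutoScaler:
    # All thresholds and limits are assumed values for illustration.
    servers: int = 2
    min_servers: int = 2
    max_servers: int = 10       # upper bound on fleet size
    scale_out_cpu: float = 70.0
    scale_in_cpu: float = 30.0

    def step(self, total_rps):
        """Process one interval; return (avg CPU %, dropped rps, servers after)."""
        # The load balancer splits traffic evenly, so every server sees the
        # same share and average CPU is total load over total capacity.
        capacity = self.servers * CAPACITY_RPS
        cpu = min(100.0, 100.0 * total_rps / capacity)
        dropped = max(0, total_rps - capacity)
        if cpu > self.scale_out_cpu and self.servers < self.max_servers:
            self.servers += 1   # create a server to bring the average down
        elif cpu < self.scale_in_cpu and self.servers > self.min_servers:
            self.servers -= 1   # load has calmed down: delete the extra server
        return round(cpu, 1), dropped, self.servers


def simulate(trace, scaler):
    """Run the scaler over a list of per-interval request rates."""
    return [scaler.step(rps) for rps in trace]


# Constructed trace: normal load, a 10-interval flood, then normal load again.
TRACE = [100] * 3 + [600] * 10 + [100] * 10

if __name__ == "__main__":
    for tick, (cpu, dropped, servers) in enumerate(simulate(TRACE, AutoScaler())):
        print(f"t={tick:2d} cpu={cpu:5.1f}% dropped={dropped:3d} servers={servers}")
```

Running it with AutoScaler(max_servers=4) shows the other side of the cap: the fleet stops growing at four servers and requests keep being dropped for the rest of the flood.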