You are here: Home > News > The server how to effectively prevent DDoS attacks?


The server how to effectively prevent DDoS attacks?

The harm of the DDoS attack, and it is hard to guard against, you can directly to paralyze the website goes down, the server, resulting in the loss of property authority, brand to shame, huge losses, such as a serious threat to the development of the Internet information security.

As the ravaged by DDOS attacks on the Internet, make the DDOS prevention work more difficult. This year, according to data from DDoS attacks hit a new record, year-on-year growth of 132%. Among them, the most massive DDoS attacks peak flow rate of more than 240 Gbps, lasted for more than 13 hours. For now, the hacker attack on plain code marks a price, even make a 1 g traffic to a web site for an hour, only a few dollars. DDoS costs so low, and the attack also nobody tube, so the website user what measures should be taken for effective defense?

1、Ensure the safety of server system

First, make sure that the server software without any holes to prevent the attacker invasion. Make sure that the server using the latest system, security patches and. On the server to delete unused services, shut off the unused port. For server running on the web site, to ensure the patch at the latest, no security vulnerabilities.

2、Hide the real IP server

Server front-end CDN transshipment, if flush with cash, can buy a defense shield machine, used to hide the real server IP, domain name resolution using CDN IP, all analytical subdomain use the IP address of the CDN. In addition, other domain name cannot be deployed on the server using real IP parsing, all use the CDN to parsing.

In addition, to prevent foreign transmit information leakage IP server, one of the most common is that the server does not use email, if you send mail, can be sent via a third-party broker, such foreign shows that IP is the proxy IP.

3、Back up your data on a regular basis

Use tape to save precious data, but there is also a huge data backup security holes, so when the backup, also should be to effectively protect the backup medium.

4、To strengthen the server security level local file format

In short, as long as the real server IP does not leak, 10 g under small flow rate of DDOS prevention can't spend how many money, free of CDN can handle. If the attack traffic for more than 20 g, then the CDN free may hold, need to purchase a defense shield machine to deal with, but the real IP server also needs to hide. However VPB server DDOS defense system to prevent the DDOS attack effectively