How can you stop things like DDOS and brute force attacks?
- Thread starter Aayushi
- Start date
Depends on how bad the attack is.
If you're in WordPress, there are plugins like Wordfence Security which will block IPs and Countries and does a decent job on a small scale. Sometimes a Software Firewall on the server level will take care of it, other times you need the protection at the datacenter level (null routing IPs, hardware devices, etc). If you're using a cloud service CDN (MaxMind, Cloudflare, Google), they have setups in place to mitigate attacks without you having to be involved.
So it all depends on the level of attack, what the attack type is, and then that determines the route for defense and blocking.
If you are currently under attack, you need to alert your upstream host/datacenter ASAP to prevent action on their end which may take down your servers, and accounts of your clients.
YouStable
Member
For Bruitforce, you may enable Web Based Firewall and do check if IP Table rules are set correctly if you talk about DDoS, then there is no such way to avoid it completely.
You can mitigate the attack with Soft and the actual firewall system, but yes for small-scale attacks you can use CDN and another distribution network
You can mitigate the attack with Soft and the actual firewall system, but yes for small-scale attacks you can use CDN and another distribution network
ITivan80
Member
As a starting point, it’s important to ensure that your web servers are protected from brute-force attacks. Attackers will aim to get access to a server or temporarily cause it to be unresponsive. Brute force attack involves trying thousands or potentially millions of passwords until the correct password is found. You can also use DDoS protections with Web Application Firewalls (WAF). This can either be achieved with a WAF technology offered by the cloud provider, or through a third-party vendor.
