HOWTO survive a DDoS attack

The Electronic Frontier Foundation has published a comprehensive, multi-lingual guide to keeping sites that are undergoing distributed denial-of-service (DDoS) attacks alive.

Denial of service (DoS) and distributed denial of service (DDoS) attacks are increasingly common phenomena, used by a variety of actors—from activists to governments—to temporarily or indefinitely prevent a site from functioning efficiently. Often, the attack saturates the target with server requests designed to flood its bandwidth, leaving the server unable to respond to legitimate traffic.

Though the owners of major sites often have the resources to fend off or even prevent such attacks, smaller sites—such as those belonging to small independent media or human rights organizations—are sometimes permanently disabled due to a lack of resources or knowledge.

This guide aims to assist the owners of such websites by providing advice on choosing an appropriate webhost, as well as a guide to mirroring and backing-up their websites so that the content can be made available elsewhere even if their site is taken down by a DoS or DDoS attack.

Keeping Your Site Alive


  1. For bloggers, activists, etc, there’s a very simple and cheap solution to a DDoS:

    Just Wait.

    No DDoS can be maintained forever, because they are noisy and obvious. The longer the DDoS goes on, the more zombies are exposed, located, and taken offline, eventually draining the DDoS of its power. Consider that the U.S. government could not sustain a DDoS attack on Wikileaks for more than a week or so, even with what amounts to virtually unlimited resources.

    Obviously for online businesses this is more of a concern, because they lose money when they are inaccessible.  Even so, the impact is similar to a serious storm or other weather event – something to be anticipated, dealt with in a reasonable manner, and otherwise largely ignored. No one on the Internet need fear a DDoS attack. They aren’t the nuclear weapons of cyberwarfare – they are the Internet equivalent of throwing a tantrum.

  2. I found the overview from EFF to be very basic.  For example, no mention was made of DNS hosting, which I think you should always separate from your Web Hosting (this allows you to reasonably quickly relocate a web site IP address elsewhere which may help in some forms of DDOS that target a specific IP address)

Comments are closed.