I recently noticed that one of my websites was being targeted by hackers on a large scale. I was stunned about this, as there wasn’t anything to win or exploit on this website. It was empty, freshly set up and waiting to serve its purpose, when I stumbled on the website’s statistics. As you can see in the screenshot below, all of a sudden it received 70,000 hits in one day. I had used this example to illustrate the necessity of taking care of your website’s security in a previous post. Today, I am going to show you what you can do to protect your website from unsolicited website visitors with bad intents. You will learn a method for how to get the numbers of your site’s hit statistics back to an appropriate level for a website that isn’t in business yet.
In my first article about website security, I have laid out six action steps that you can do to implement a basic security standard. These steps will not prevent hackers from approaching your site, but at least you have some emergency plan in place and you aren’t making it too easy for them. Chances are they get tired of your secured website quickly, and leave to find another site to spy on.
My website got targeted by massive hits
This website of mine that got targeted, had the majority of security precautions I am preaching about already implemented. But it didn’t have any content, so I ran the site it without an SSL certificate.
However, receiving 70,000 hits in one single day feels like being bullied, and yes, it did raise insecurities in me. I started questioning how useful the security plugins that I was using really were.
Why couldn’t they protect me from these attacks?
I had a closer look at the settings of all of my security plugins, but found them to be configured well.
WordFence is showing the IP addresses of the attackers, and I could see that they changed after every few hours. I could have blocked them (which I did for a while), but I realized soon they would just be switched to another IP address and start all over from there again. I understood I was locked in a reactive mode, and I would always stay so.
I got it. I needed to apply a different strategy.
Then, a few days later, things got worse. The website’s statistics then showed 100,000 hits in one single day!
That’s when I seriously began thinking about a new strategy. I was intending to work with this website soon, but I certainly didn’t want these nasty machines targeting my site – without me fully understanding the technicalities.
How I cut off the mass attacks
I have given the math example in the previous article, but I am doing a little refreshing here.
One hour has 60 minutes, and there are 24 hours per day. This sums up to 1,440 minutes per day, and 100,000 hits in one single day equals about 70 hits per minute. That is more than one hit per second, and a clear indication that it had a lot to do with some machine-controlled attack.
As you can see in this screenshot, on August 18, I was having 100,000 hits a day. And the next day and the day after, I was back to zero or almost zero hits.
How did I do it?
I set up an account with CloudFlare and connected the website to it.
CloudFlare is one of those instruments that can make a big difference when you need to upgrade your website. If such task is on your schedule, I recommend you check out my article 33 Ways to Upgrade your Business.
What is CloudFlare?
CloudFlare is actually a CDN – a Content Delivery Network, which is basically a large system of servers deployed in multiple data centers all around the world.
Its original purpose is to serve a website’s content to an end-user with high availability and high performance.
To illustrate that, imagine a user in Australia is accessing a website that is hosted by a server in New York. The request for accessing the site would go all the way through the oceans, passing through different major web knots until it reaches the website’s host in New York. There are a few factors involved here that determine how fast the website’s content will be loaded (like bandwidth, hosting package, connection speed), so I find it a bit unsound to throw in a number. However, when a website is connected to a CDN that has data centers in major hot spots on the globe, the user in Australia will automatically be routed to the respective data center in Sydney. Then it is not hard to imagine that the request to access the site will be processed much faster. Better performance = happy visitor.
That’s the original purpose of a CDN, but CloudFlare also offers a bunch of security features that come in very handy. They are rather basic for a free account, but get more advanced should you sign up for a paid account with CloudFlare. Nevertheless, the security features help to lock out attackers.
When I connected my website with CloudFlare, I saw immediate results.
From one day to the next, the website’s hits fell to an appropriate level and stayed there. And have remained so ever since.
What did I learn from it?
First of all, a website can be attacked for absolutely no reason. Whether you are a good person or not, whether you have some content on your website or not – one day, someone comes along who is curious enough to check you out. They point a machine at your site and let it bombard with hits.
My strategy of using a CDN to shed off those annoying stalkers worked.
The free account from CloudFlare is already an effective instrument, and should the website be ever exposed to a serious DDoS attack, I will upgrade to a paid account.
I would love to hear from you if you have ever experienced these kinds of attacks on your website, and what your approaches were to get it solved. I am aware that using a CDN is just one possible way, so please, share your insights with me in the comment section below.