Why are site so vulnerable to DDOS?

[jeremynative]

Hi I am experiencing my second site outage because of some other, completely-unrelated, website had a DDOS incident. Is there some way to get DDOS protection?

I don't know much behind the technology behind webhosting, but it seems unfair that my site went down because some other site was attacked. It is embarrassing to deal with random outages of your website, and having customer support suggest that I use a random proxy to access my own site.

I submit a ticket and so far they didn't tell me how long my site would be down for. I guess I will start looking at other, more reliable, web hosts. I almost suggested to two of my colleagues to use this web-hosting for their websites, now I can't confidently recommend it.

My site is still down - www.jeremynative.com

thanks

[Brian]

Hi I am experiencing my second site outage because of some other, completely-unrelated, website had a DDOS incident. Is there some way to get DDOS protection?

We actually do have DDoS protection in front of all of our servers. We utilize both Cisco Guard and Arbor Network TMS to keep all sites protected. As a rough estimate, I'd say across our entire network (all 6 locations) we are able to effectively filter 95% of the attacks that target sites we host. Unfortunately though these systems have an upper limit on what they can filter, and when that happens and an attack is simply too large to filter we have to implement a null route.

I don't know much behind the technology behind webhosting, but it seems unfair that my site went down because some other site was attacked. It is embarrassing to deal with random outages of your website, and having customer support suggest that I use a random proxy to access my own site.

This is the nature of shared hosting. The only way to protect yourself from these instances is to either host your site on a VPS where you control your environment and you're not sharing the IP with other websites, or add a dedicated IP to your account.

Regarding the proxy, I reviewed your ticket and see nothing wrong with that suggestion. When an IP changes, your local DNS resolvers are still likely caching the old IP (we cannot control this). As a result, when you try to visit your website it goes to the old IP, which in this case is nullrouted, so your site appears down when in reality it is online. This is where a proxy comes in, as it lets you view the site without being cached and you can confirm the site is online.

I submit a ticket and so far they didn't tell me how long my site would be down for. I guess I will start looking at other, more reliable, web hosts. I almost suggested to two of my colleagues to use this web-hosting for their websites, now I can't confidently recommend it.

There is the potential you'll have this issue with any shared provider in any shared environment. There is not a single shared provider in the world that is 100% immune to DDoS attacks, especially ones that are so big they actually require a nullroute. If we could find a way to protect all of our customers 100% of the time, regardless of the size of an attack, we'd implement that in a heartbeat.

All that said, this is definitely frustrating to deal with both as a customer and as a provider, there's no denying that. If you do end up moving to a new host then I wish you the best and hope that at least my explanation sheds some light on this issue, from a providers point of view. If you'd like any further explanations/clarifications just let me know, be it in this thread, a PM, or ticket. Cheers!

[jeremynative]

Thanks for the clarity Brian!!

[Brian]

My pleasure! On a final note, and I can't believe I managed to forget mentioning this in my first post, but we do have http://www.hawkhoststatus.com/ up and running which is used for any server/network related issues. So, bookmark that page and should you have an issue with your site take a look there and it may indicate something is going on.