DDoS attacks on websites and web services have been on the rise in recent years with the spread of connected devices and IoT devices. A DDoS attack can be especially crippling to such websites and web services on VPS hosting. Therefore, when choosing a VPS hosting service it is very important to check for DDoS protection VPS measures offered by your hosting company.
What is a DDoS Attack?
A DDoS attack, short for Distributed Denial of Service, is a type of attack that tries to stop your website or web service from answering your commands or your clients’ requests. They do that by engaging and occupying one of your hosting machine’s resources to the fullest. The targeted resource is often your machine’s internet bandwidth, memory, or CPU. How the attackers do that is by sending a very large number of requests to your VPS or dedicated hosting at the same time.
The definition above actually describes DoS attacks, but DoS attacks are more or less history now, since most Standard Firewalls and WAF systems (Web Application Firewalls) can easily distinguish such attacks from normal traffic, identify the source of incoming malicious requests, and block the source altogether.
For that reason, DDoS attacks have now replaced old DoS attacks. A DDoS attack is by definition distributed, meaning there’s not a single or just a few machines sending you false requests, but rather a large number of infected machines from many different locations. These requests are so distributed that no firewall or WAF system can discern them from normal traffic or stop them.
That’s why with the increasing number of low-security IoT and connected devices in the world, DDoS attacks have become more and more prevalent and powerful. Hackers now have a large army of infected devices all around the world at their disposal.
How Bad Is a DDoS Attack on a VPS?
A VPS or Virtual Private Server, is a type of hosting where a physical dedicated server is divided into several Virtual Machines or VMs each with a dedicated portion of the server resources and bandwidth. It is much lighter and therefore much cheaper than a dedicated server, but generally works the same way.
Since a VPS holds smaller amounts of resources, a DDoS attack can much more easily take it down. In that light, Having DDoS Protection enabled for your VPS is doubly critical.
How DDoS Attacks are prevented?
As I said before, standard firewalls and WAF systems cannot identify or stop a DDoS attack. For preventing DDoS attacks, new cloud security services have emerged that are smarter in their identifying algorithms and at the same time, because they are distributed systems too, can stop a DDoS attack.
The most common method for disabling a DDoS attack is by distributing the incoming traffic on a website or web service among several different locations and proxy machines. The power needed to overwhelm such a distributed network of powerful proxy machines is beyond what any normal DDoS attack can deliver.
Hosting Companies and VPS providers can also mitigate DDoS attacks on their own, using their own network of servers and nodes to create a similar distributed system.
How DDoS Attacks are blocked?
There are heavy DDoS attacks that nonetheless find their way through the proxy cloud servers to the origin server(s) or VPS and cripple it. For the more advanced DDoS attacks which disguise themselves well enough to be rerouted to the origin server or VPS like normal traffic, these cloud security systems try to mitigate the attack by scanning the traffic for telltale signs of malicious intent and block a portion of traffic on that basis. This way, only healthy organic traffic reaches the origin server or VPS and it is not overwhelmed.
There is a whole industry around mitigating DDoS attacks and other types of cyber attacks that may threaten a website or web service running on a VPS, a server or several host servers. These cloud security companies often enter partnerships with hosting companies and VPS providers, so those companies can offer DDoS protection as a plus on their services.
Notable DDoS Protection Services
1. Project Shield
Project Shield is a powerful DDoS protection from Google, but not everyone’s invited.
Currently Project Shield is only available for media, election monitoring and human rights related websites. The primary focus is also on small under resourced websites which cannot afford expensive hosting solutions to protect themselves for DDoS.
Cloudflare are a giant in the field of DDoS Protection. They are a Content Delivery Network or CDN that includes Cloud Security systems, and cloud security includes DDoS protection. They offer free service for small websites but usually you will need to upgrade to paid plans when you encounter actual DDoS attacks (prices start at $200 or £149 a month).
3. AWS Shield
AWS Shield protection is provided by Amazon Web Services or AWS. There are many business and individuals who use AWS cloud services for hosting their websites, web services, or storing data. The ‘Standard’ tier of AWS Shield is available to all AWS customers at no extra charge. However, the bandwidth is still limited by the size of your service instance, so you may run out of bandwidth even when your services remain intact.
For AWS Shield Advanced tier you need to be willing to pay $3000 a month for a minimum of one year. Clearly that’s not for everyone.
4. Microsoft Azure
Like Amazon, Microsoft offers the option to rent service space via their service Azure. All members benefit from basic DDoS protection. For organizations in need of more sophisticated protection Azure also offers a ‘Standard’ tier. This has been widely praised for being very easy to enable.
Compared to AWS Shield, Azure stays on the more affordable side. Their Organizational Standard tier goes at $2944 a month, which is not really different from that of AWS.
5. Verisign DDoS Protection / Neustar
Note: Verisign’s security services are transferred to Neustar.
Verisign is a security company almost as old as the Internet itself. Verisign DDoS protection operates in the Cloud. Users can choose to redirect connection attempts with a simple change of their DNS (Domain Name Server) settings. Traffic is sent to Verisign for checking to prevent network attacks. Verisign analysis all traffic thoroughly before redirecting.
Best DDoS Protected VPS and Hosting
There are many types of use-cases where a website or web service may be targeted by DDoS attacks. Unfortunately, it is very common (and very easy) for business rivals to put DDoS attacks on each other’s websites and servers. It is even common for personal grudge, since DDoS attacks are very easy and cheap to order.
DDoS Protected WordPress VPS and Servers
A WordPress website is easy target for all kinds of attacks. It is the most popular Content Management System on the internet, so hackers always watch closely for new and undiscovered holes in the system to penetrate a lot of website and infect thousands of servers in one go.
Besides penetration and injection attacks (which cloud security systems usually cover, by the way) DDoS attacks are often used to take down a website. Since WordPress websites are not that complex, it is very easy to identify the hosting server or VPS to put a direct attack upon it. Moreover, WordPress is not the most agile and efficient CMS out there, so engaging its resources is doable even with a lightweight attack.
Cloudflare, one of the world’s leading Content Delivery Networks (CDN) and a great cloud security company, offers free DDoS protection for WordPress websites. However, when you are actually hit by an attack, you may need to upgrade to paid service.
WP Engine is a Managed WordPress Hosting service that offers DDoS protection as an extra on their hosting plans. they also provide a free SSL certificate which is a must for any website.
RouterHosting is another hosting company that offers DDoS protected VPS hosting suitable for WordPress websites.
SiteGround is also a Managed WordPress Hosting service who offer DDoS proctetion on their hosting plans for WordPress websites.
Best DDoS Protected Forex VPS
Forex trading is one of the use-cases for a server or VPS hosting that is highly sensitive to machine performance, execution speed, and latency. A forex trader needs to run their commands and trading bots smoothly and reliably at the fastest time possible. That is exactly the reason they migrate their processes to a reliable remote server or forex VPS in a datacenter, rather than their own local PC.
For that reason, a Forex VPS is highly vulnerable to DDoS attacks which exactly target the performance and connection of a machine. Even a small attack that doesn’t actually take the server or VPS out of order, can still hurt its performance greatly and increase latency considerably, which can severely increase the risk in forex trading.
There are some VPS hosting providers who offer specialized Forex VPS servers that include free DDoS protection:
- JavaPipe offers three plans
- IOZoom offers several plans
- com offer DDoS protected Forex VPS plans despite being very cheap.
- com is another website that offers VPS with DDoS mitigation
- Trading FX VPS offers DDoS mitigation on their VPS plans, although their prices may not be for everyone.
Best DDoS Protected Game VPS or Server
Games servers or Game VPS are another kind of publicly known servers which might be targeted by DDoS attacks. Game rivalry and all. A Game VPS or game server is a machine on the internet used to run a game server software through which several online players can join a gaming session and play together.
There are various Game VPS or Game Server providers but not all provide a DDoS protection system on their services. Here are a few:
- OVH Cloud provide different Anti-DDoS hosting plans which include Game servers as well.
- Evolution Host also provide DDoS protection for gaming as part of their services. Their cheapest plan comes at 10 euros a month.
- Core Labs are game server providers who offer DDoS protection on their services. Their plans start at 7 euros a month.
- RouterHosting are a VPS provider who offer specialized Game VPS hosting services with the extra DDoS protection included. Their plans start at $4.95/month for Linux VPS.
Best DDoS Protected General Hosting
OVH Cloud are a well-known hosting company providing all kinds of hosting services. They have great offers including added security and protection on all their hosting plans. (Did you hear about their datacenter burning down just recently, though? That was a huge bummer.)
A2Hosting are another well-known hosting provider who offer servers with DDoS protection included.
Some other notable hosting companies who offer DDoS protection include:
Best DDoS Protected VPS Hosting
Maybe you haven’t found your specific use-case in the options mentioned above, or are just looking for a general use VPS with DDoS protection. We are not short on those options. Many well-known hosting companies provide DDoS protection on their services.
RouterHosting are an experienced provider of all kinds of VPS machines, and their plans are usually among the cheapest in the market. Their starting Linux VPS plan comes at just $4.95/ month and they offer a very cheap Windows VPS with DDoS Protection and free Windows at $7.95/month.
OVH Cloud were mentioned before, but VPS machines are among hosting services they provide. DDoS protection included once again.
A2Hosting are a general hosting company who offer VPS hosting as well, and their VPS plans include DDoS protection too.