What is a Denial of Service attack?
A Denial of Service attack is a type of attack that sends its victim data that it cannot handle, preventing it from responding to legitimate requests. In turn, this effectively denies service to legitimate users – hence the name. DoS attacks come from one source of attack. DDoS attacks, on the other hand, come from multiple sources. Hence, why the name, Distributed Denial of Service.
DoS attacks can be targeted towards single machines/servers or entire networks. The end result is the same.
How do Denial of Service attacks work?
DoS attacks can be carried out in one of two ways. One method using flooding – a type of attack in which the machine or network is sent more information than it can possibly handle. This type of attack is also known as volumetric. The other method involves sending a specific type of information that makes the machine or network crash, typically exploiting a system vulnerability. This type of attack is also known as an Application Layer attack or Protocol attack – depending on what the attack aims to exploit.
Types of flooding attacks
DoS attacks have evolved over the years, adapting to changes in technology, to exploit new vulnerabilities while retiring those methods that are no longer effective.
In an HTTP flood, an attacker sends multiple HTTP requests to the webserver, effectively crippling it. HTTP floods are usually carried out via a DDoS attack with multiple computers who are often unsuspecting participants taking part in the attack. This type of attack is one of the most common types of DoS attacks today.
In an ICMP flood, also known as a smurf attack, the attacker takes advantage of a bad configuration to take down network devices. Most devices available today do not have this vulnerability and as such is not something that you’ll see very often, if at all.SYN flooding
In an SYN flood, the attacker starts a connection but does finalize it, leaving the server waiting for a response. With enough half-opened connections waiting for a response, the server can quickly run out of resources, leaving it unable to respond to legitimate requests.
Slow loris attack
If anyone ever claims IT people have no sense of humor, this disproves it. The aim of this type of DoS attack is to bore a server to death by sending the least amount of data possible as slowly as possible without the server dropping the connection. Open enough slow loris connections and the server will quickly run out of connections to serve legitimate users.
Why are Denial of Service attacks dangerous?
Denial of Service attacks are on the increase, with close to 3 million attacks reported in the first quarter of 2021 alone. Compounding matters, is the fact that DoS and DDoS attacks are becoming more sophisticated.
We see this in how attacks evolved from a simple ICMP flood to the Slow Loris attack – which uses connection threads to effectively take a server offline.
How to protect your WordPress website from Denial of Service attacks
If you’re hosting your WordPress website with a hosting provider, you’re more than likely protected against different types of attacks. While this does not make you immune to such attacks, it does lower the risk significantly.
Big companies such as Google and Amazon, governments, and entire countries have all been victims of DoS attacks.
As a WordPress website administrator or owner, one of the best tools at your disposal is to use a CDN – a distributed caching service that allows you to service users faster while offering a degree of protection from DoS attacks.
A good WordPress Web Application Firewall can also protect you from DoS attacks. Since the firewalls sits in front of your website, it can scan incoming traffic before it even reaches WordPress, with built-in algorithms able to distinguish between legitimate and DoS/DDoS traffic and shutting the latter down.