DDoS stands for Distributed Denial of Service. When someone launches a DDoS attack, hundreds (or thousands) of computers and servers around the world simultaneously send traffic to a web server – or most often, a specific site on a server – in an attempt to take the site down by overwhelming the server.
When a site on our network is the target of a DDoS the effect on your site can range from none, to slowing it down, to making it completely unavailable. The reason for that is DDoS attacks vary in method and severity, and many of them are counteracted before anyone even notices a problem. Others are more intense or sustained or difficult to counteract, and everyone notices those because they can potentially cripple the network.
Why does an attack on a single site affect the entire network?
A sufficiently large attack on a single site can send enough traffic to the network to overwhelm the routers that live at the entrance to our network. The largest measured DDoS at the time I’m writing this was over 400 gigabits per second – that’s 400 billion bits of data. Per second.
To put that in perspective, some of the most massive and expensive network switches available can handle 100 Gbps, and most common switches are built to handle only 1 or 2 Gbps of traffic. That may sound small compared to a 100 Gbps switch, but it’s more than sufficient for most networks. We host tens of thousands of sites, and our average network traffic is around half a gigabit.
So you can see why an attack large enough to overwhelm the switches can affect every site on the network, including the main DiscountASP.NET site, email, Control Panel, helpdesk, etc.
The method for dealing with large attacks is essentially the same as dealing with smaller ones, but the overall impact is naturally worse, since everyone is affected. Attacks on a scale large enough to effect the entire network are still uncommon, but becoming more of a threat every day, for reasons I’ll spell out in a minute.
What does DiscountASP.NET do to counteract a DDoS?
The methods we use to counteract DDoS attacks are varied and have included just about every method available: DDoS mitigation services, intrusion detection devices, null routing, etc. There are a lot of methods out there, but often the most effective thing we can do is be reactive and responsive. Our network is continuously monitored for malicious traffic, and we have direct control over null routing on all of our backbone connections.
When a DDoS targets a specific site, they are relatively easy to counteract. Though more often than not these days, DDoS do not directly target a domain or an IP, so it takes a bit of time to determine the target (and determining the target is necessary to counteract the attack).
In the past we could just throw massive amounts of bandwidth at an attack to absorb the traffic and mitigate the attack’s effect. But that approach has become much less effective as of late. The botnets have become too large, and a rapidly increasing number of the compromised computers are on broadband connections in homes or corporate servers in large data centers.
While there still isn’t any way to prevent a DDoS before it happens, be assured that we react to every incident of possible malicious traffic immediately and respond with whatever methods are likely to be most effective as quickly as possible.
Why do DDoS attacks happen?
There are a lot of reasons, ranging from political protest to personal grudge and a million other reasons in between. Humans launch these attacks and or course humans can be unpredictable and irrational. When we determine the target of DDoS attacks there is often no outward reason why the site would be attacked. So the reason isn’t always obvious.
The problem – and the reality – is that no matter what we do, inevitably some DDoS attacks are going to have an effect on the network, and possibly your site. It isn’t just us, it’s every site and host everywhere, including the biggest sites on the Internet. Unfortunately, if they can take down Microsoft or Amazon, they can take down DiscountASP.NET. It’s something we are all coming to grips with and trying to learn to prevent.
Where to go for information in the event of a large DDoS attack
If you suspect that a large scale attack is happening, you can check our Twitter, Google+ and Facebook pages for updates and information. We will also be moving our community forum to a server outside of our network sometime soon in order to keep that communication channel open in the event of a large attack.
If a DDoS affects your site you can be sure that we are doing all me can to stop it and return the network to its maximum capacity.
Today we are announcing a new Cloud Backup solution that will backup your website off-site onto the Amazon cloud. The service comes with a web-based management portal to manage backup scheduling, versions and restoration.
A solution for “Oops” recovery
We’ve all done it – accidentally deleted an important file or overwritten something that broke a site or threw off the entire layout. Having a previous backup could save hours of painstaking work.
Bounce back quickly from website hacks
Hackers are constantly probing and learning how to exploit application vulnerabilities. No matter how vigilant you are in patching and updating, it’s still possible for hackers to gain access to websites and replace pages, or place malicious code or files within your site. Cloud Backup can help you quickly recover in the event of any hacking activities, restoring your site with a previous clean version.
Cloud Backup can access your MySQL database and back it up automatically.
Backing up your SQL database is a two step process. The SQL backup tool in the control panel will copy your SQL backup into your web space and will be backed up with your site. You can run the SQL backup tool manually or automate the process using our SQL backup API.
Check out our site for more information on plans and pricing and learn how Cloud Backup can help you achieve peace of mind.
1. We launched Everleap
This project was brewing in R&D for a couple of years and we are excited to launch our cloud hosting solution at Everleap.com. Everleap is powered by Windows Azure Pack (WAP) and provides scaling options that do not exist at DiscountASP.NET. We were the first host to launch a production hosting solution using the websites functionality of WAP.
Over the years, we’ve witnessed web applications becoming more sophisticated and complex and customers outgrowing traditional shared hosting services. So we wanted to provide a hosting solution for growth but we were not so keen on doing the same old VPS and dedicated hosting as all the other hosts.
Now with Everleap, we have a great upgrade path for our shared hosting customers, seamless scaling options that are not easily found at traditional hosts, all offered at flat, fixed pricing without mystery bills. In fact, we are offering free migration services for DiscountASP.NET customers who want to move to Everleap.
2. SQL 2014 hosting in the US and Europe
As always we try to keep up to date with new Microsoft technology releases. We launched SQL 2014 hosting in both our US-based and Europe-based data centers.
3. Managed TFS 2013 hosting in the US and Europe
We launched Managed Team Foundation Server 2013 hosting in both our US-based and UK-based data centers. This is a great option for businesses that want their own instance of TFS that is not shared with any other users and/or those who require server-side customization. TFS 2013 includes real-time collaboration enhancements with Team Rooms.
4. Exchange ActiveSync
ActiveSync was an “ask” from many customers, and now some new updates in Microsoft licensing make it possible for us to offer this feature. Exchange ActiveSync helps sync your email, calendar, contacts and tasks with the Smartermail email server and your mobile devices in real time – including Google Android, Apple iPad and iPhone, Motorola, Nokia, HP, Samsung, LG and Windows Phones.
5. SSD powered Reserved Cloud Servers at Everleap
On our Everleap cloud hosting solution, we introduced SSD accelerated Reserved Cloud Servers. The Reserved Cloud Servers are your own private VM that is reserved to serve only your sites, no other customers. So you get to use all the resources of the server, meaning all the CPU and RAM and there is virtually no constraint on idle timeouts and concurrent connections. We offer them in three flavors – small (1 CPU, 1 GB RAM), medium (2 CPU, 2 GB RAM) and large (4CPU, 4 GB RAM). These are a great option to grow into for CPU intensive or memory hungry apps.
6. Smartermail update
Admittedly, we did not keep up to date with Smartermail updates over the years. In 2014, we updated all our mail servers with the latest Smartermail version and we will work to keep up with the updates.
7. Git integration at Everleap
Many developers are using Git for their version control nowadays. We had customers ask about Git but integrating Git with DiscountASP.NET is difficult. However, WAP includes features to integrate Git so we offer Git publishing over at Everleap. We even host a local Git repository in your account. You can add additional users with Git publishing rights as well.
8. TFS 2013 Updates 1-4
Microsoft is adopting a faster cadence for releases. With Visual Studio 2013 we saw 4 updates released throughout 2014. So for our TFS 2013 hosting service, we stayed up to date with all the updates. But we don’t go ahead and blindly install updates. We test them out as thoroughly as possible and we schedule the updates with our customers.
9. Urban Turtle for Managed TFS 2013 and TFS 2012
For a while there, we were only able to support Urban Turtle for TFS 2010. Now, the latest Urban Turtle tools for TFS 2013 and TFS 2012 are available for our Managed TFS hosting solution. And, as discussed in the previous item, Microsoft’s fast release cadence can cause breaking changes with add-ins. So when we apply updates to TFS, we also work with Urban Turtle to make sure compatibility issues are ironed out.
10. Microsoft Gold Partner renewed
I know I may sound like a broken record (remember those?) but I think the renewal of the Microsoft Gold Partner status it is something important to include here because it is not a trivial task to maintain. With Microsoft continually raising the bar for the Gold Partner level, we’ve witnessed many hosts dropping in partnership level. Maintaining the Gold status is an investment and a differentiator.
Thank you for powering through and reading this long post and we look forward to having more things to talk about in 2015!
Many of you have asked for it, so I’m happy to announce that Exchange ActiveSync is now available as an add-on enhancement. You can activate this add-on through the Control Panel.
Though Exchange ActiveSync has been supported on SmarterMail for some time, it is only now with changes to how Microsoft licenses this technology that we are able to launch this feature.
For those unfamiliar with Exchange ActiveSync, it is a protocol that has become a de facto standard to sync groupware and mobile devices. With the ActiveSync add-on, your email, contacts, calendar and tasks are synchronized between our mail servers and your mobile device (e.g. your smartphone or tablet) in real time.
ActiveSync includes synchronization support for most mobile devices on the market, including Google Android, Apple iPad and iPhone, Motorola, Nokia, HP, Samsung, LG and Windows Phones.
We know that we are a mobile society and having access to information on-the-go is increasingly important for your business and personal life. So we are glad to be able to make this feature available to help you be even more productive.