Sign in
en
Home Blog Technical articles

What is a DDoS attack? How does Nginx handle them?

What’s rhat DDOS-attack?

This is a very large number of requests sent to the server in a short period. Requests can be use of your site, such as opening web pages, pictures, and other similar elements, that's just not very effective. To do the most harm, it need to find a vulnerability in your site, one of it can be the registration. That is why most popular sites put protection against bots, since the database is quite a vulnerable place.

What’s purpose of DDOS-attack?

The purpose may have difference, but not much. The main purpose is to give a load to the host machine so that it stops accepting requests from customers, in part, or completely. Here is the difference, DDoS can be used to crack the site data, and then hurt it, or simply load the host so that it will not accept customer requests for a long time, and this will affect it’s popularity, because people don't  use the non-working site.

How do I know if a site is under a DDoS attack?

It’s simple. There are several ways to find out. The simplest thing is to open a site, if it doesn’t show parts that aren’t downloaded, such as pictures, or any other elements, there is a possibility that it’s under attack. The site can also hang, load for a long time, or simply not open. It's worth saying that if you notice this, don’t make conclusions, maybe it's not DDoS. You can check it in the second way. For confirmation, you need to see the number of requests from the same IP-addresses, if there are more than the person can leave, when he view your site, they are constantly repeated, most likely this is DDoS-attack.


What are the ways to protect the site using Nginx?

The Nginx web server can manage traffic when it notices a large number of identical requests from the same IP address, it can block them by limiting the number of maximum requests. Then the attack bot can’t be effective. Also one of the decision  to combat similar attacks  is distribution. It’s used under heavy loads, when one server is overloaded with requests, and can’t respond  more. It redirects all remaining requests to the nearest server, and the server, in turn, processes them, and sends it to the user. This is useful in cases of attack from different IP addresses.

Technical articles