Using Cloudflare to stop cyber attacks in their tracks.

Craig Greenup 09/01/23, 09:00

As a website operator, it might feel like security threats lurk in every corner of the web and are becoming harder to spot and fight off.

The risk of cyber attacks has always been there, but modern, cutting-edge security measures have made it necessary for attackers to use increasingly complex and aggressive methods to gain access to your sensitive data, flood your systems, or make your website less competitive. Two of the more common forms you may encounter are DDoS and DoS attacks.

DoS and DDoS attacks in a nutshell

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are attempts to make a computer or network resource unavailable to its intended users. A DoS attack is typically carried out by bombarding the target with traffic or requests for connection, overwhelming the system and preventing legitimate users from accessing it. A DDoS attack is similar, but it uses multiple computers or devices to generate the traffic or requests.

The result of both types of attacks is basically the same: the target system is either slowed down or rendered completely inaccessible to users. DoS and DDoS attacks can be carried out for a variety of nefarious reasons, though more often than not they are used as a tool for criminals to extort money from businesses by threatening to launch an attack unless a ransom is paid. Despite their different motives, DoS and DDoS attacks share one common goal: to disrupt the normal operation of a computer, website or network.

Shielded by Cloudflare

Cloudflare is a content delivery network and distributed domain name server service that retains information about the visitors to its customers’ websites. As such, it can protect against DoS and DDoS attacks. When an attacker attempts to overload a server with requests, Cloudflare can spread the requests across its network of servers, helping to ensure that the original server does not become overloaded.

Additionally, Cloudflare can block malicious requests before they reach the server, help to camouflage the true IP address of the server, and provide additional security features such as a web application firewall (WAF). One of the most important features of Cloudflare protection is that it can detect malicious bots and unnatural traffic, so access to your site won’t be cut off for genuine users during peak times. There are four overall stages to mitigating DDoS and DoS attacks when using cloud-based services:

  • Detecting. The first stage involves detecting unusual spikes in activity. For this to be done effectively, a site needs to distinguish between high traffic volumes linked to attacks and high volumes that are a natural fluctuation from its baseline.
  • Responding. In response to unnatural traffic spikes, the network will drop traffic identified as malicious while absorbing the rest. This is done using a WAF.
  • Routing. DDoS and DoS mitigation services will have the ability to route traffic adaptively to prevent system overload. This involves splitting the traffic into more manageable chunks and distributing it across the network.
  • Adapting. A robust system will be able to adapt to your needs as they change. This looks different for each system and website but includes measures such as IP blocking, banning traffic from certain geographical areas, and recognising where protocols have not been used correctly.
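
The detecting stage, sketched as an added example (not code from this article and not Cloudflare's method): a trailing-baseline check that lets a gradual peak-time rise through but flags an abrupt surge. The function name, window, threshold, 10% spread floor and the per-minute request counts are all assumptions constructed for illustration.

```python
from statistics import median

# Constructed sample: requests per minute on a site that normally sees ~100.
CONSTRUCTED_RPM = [
    100, 104, 98, 102, 99, 101, 103, 97, 100, 102,  # quiet baseline
    108, 115, 123, 131, 140, 150,                   # natural peak-time ramp
    900, 1200, 1100,                                # abrupt flood
    148, 145,                                       # flood ends
]

def detect_spikes(counts, window=10, threshold=6.0, floor=0.10):
    """Return indexes of samples far above the trailing baseline.

    Baseline: median of the last `window` samples that were NOT flagged,
    so an ongoing flood cannot raise the baseline and hide itself.
    Spread: median absolute deviation (MAD) scaled by 1.4826 so it is
    comparable to a standard deviation, with a floor of `floor` * median
    so a very steady site does not alert on small organic growth.
    """
    baseline, flagged = [], []
    for i, count in enumerate(counts):
        if len(baseline) >= window:
            recent = baseline[-window:]
            med = median(recent)
            mad = median([abs(x - med) for x in recent])
            spread = max(1.4826 * mad, floor * med)
            if (count - med) / spread > threshold:
                flagged.append(i)
                continue  # keep attack samples out of the baseline
        baseline.append(count)
    return flagged

if __name__ == "__main__":
    for i in detect_spikes(CONSTRUCTED_RPM):
        print(f"minute {i}: {CONSTRUCTED_RPM[i]} requests flagged")
```

In practice the flagged minutes would feed the responding stage, for example by tightening WAF or rate-limit rules while the surge lasts.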