Assorted Thoughts on Website Buying, Selling and Monetizing

Protecting a site under a DDOS attack - dealing with a DDOS

As you may know our site was attacked about three months ago. It was covered in this thread and this one.

I've been meaning to share with you what I learned, but never got around to it. Today, acorndomains is under attack; their admin has contacted me and we're chatting privately about this.

I thought it's about time I put this post together.

First, for those of you who don't know what a Distributed Denial of Service attack is - it's very simple: when a large number of PCs all request files from your site at the same time, it overloads your server and makes the site inaccessible to everybody. Why would a large number of PCs all work in tandem to cripple your site? Because those PCs are owned by muppets who haven't kept their anti-virus up-to-date. These machines are compromised and at the beck and call of the bad guys. When a command is sent out to all of them to load your site in the browser, they gear into action and execute that command.

The size of these botnets varies. Some "hackers" have tens or hundreds of thousands of compromised PCs in their botnet. They'll typically use a few of those first to test the resilience of your hosting service and keep increasing the size of the attack till your site becomes inaccessible. They then know how many hits your hosting account can take before falling to its knees.

Your typical reaction would be to first contact your hosting company. They may or may not recognise the problem, and if they do, they may just null route you, i.e. turn your site off. They may try some small-fry actions like blocking IPs or blocking a whole country. These are invariably short-term solutions. The attack methods will change and you'll go down again.
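An added example, not from the original post: a small log triage script showing one reason per-IP blocking falls short when the flood is spread across many machines. The log lines, IP addresses (documentation ranges), thresholds and function names are all constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Client IP and minute ("10/Mar/2024:12:01") from a common-log-format line.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^:]+:\d{2}:\d{2}):\d{2} [^\]]+\]')

def build_sample():
    """Constructed access log (documentation IP ranges), not real traffic."""
    def line(ip, minute, sec):
        return (f'{ip} - - [10/Mar/2024:12:{minute:02d}:{sec:02d} +0000] '
                '"GET / HTTP/1.1" 200 512')
    # Minute 12:00, normal load: 5 visitors, 3 requests each.
    rows = [line(f"192.0.2.{i}", 0, s) for i in range(1, 6) for s in (5, 25, 45)]
    # Minute 12:01, flood: 300 sources, only 2 requests each.
    bots = [f"198.51.100.{i}" for i in range(1, 151)]
    bots += [f"203.0.113.{i}" for i in range(1, 151)]
    rows += [line(ip, 1, s) for ip in bots for s in (10, 40)]
    # One single noisy client, the only source a per-IP limit would catch.
    rows += [line("192.0.2.9", 1, s) for s in range(40)]
    rows.append("garbled line that the parser must skip")
    return rows

def per_minute(lines):
    """Map minute -> Counter of requests per client IP; bad lines are skipped."""
    buckets = defaultdict(Counter)
    for raw in lines:
        m = LINE.match(raw)
        if m:
            buckets[m.group(2)][m.group(1)] += 1
    return buckets

def triage(lines, per_ip_limit=20, surge_factor=10):
    """Compare each minute with the first (baseline) minute and measure
    how much of the traffic a per-IP block would actually remove."""
    buckets = per_minute(lines)
    minutes = sorted(buckets)  # string sort is enough for this one-hour sample
    base = sum(buckets[minutes[0]].values())
    report = {}
    for minute in minutes:
        hits = buckets[minute]
        total = sum(hits.values())
        over = {ip: n for ip, n in hits.items() if n > per_ip_limit}
        report[minute] = {"requests": total, "sources": len(hits),
                          "surge": total >= surge_factor * base,
                          "blockable_ips": sorted(over),
                          "blocked_share": sum(over.values()) / total}
    return report

if __name__ == "__main__":
    for minute, row in triage(build_sample()).items():
        print(minute, row)
```

In the constructed flood minute, blocking every IP over the limit removes only a small fraction of the requests, because the load comes from hundreds of sources that each stay under it.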

There are only two effective solutions to a DDOS attack:
1. Keep your site offline till the attack is past.
2. Move to a hosting company that specialises in DDOS protection.

The former is often not an option for a commercial site. If your site isn't earning a huge amount every day (say $xxx) then I would go for this option. The bad guys will eventually give up. It costs them money (lost opportunities elsewhere) the longer they keep up the attack on your site. It also compromises their identity if they attack one site for too long. So they tend not to keep the attack going for more than a few days at a time.

The second option can be very expensive. A good DDOS host has hundreds of thousands of dollars of equipment geared specifically to dealing with DDOS, maybe millions of dollars' worth. And they have the skills your average host will simply not have in-house. They may charge from a few hundred dollars per month to several thousand dollars a month for enterprise-grade protection. What level of protection you need depends on the size of the botnet owned by the person/s you've p*ssed off. Play the botnet at its own game. Start small and scale up your hosting protection till you're safe against their attack. Most DDOS hosts will allow you to keep upgrading your package till you reach the right level of protection.

Reasons behind DDOS attacks

Why do they do it? Sometimes it's for money. They'll take you offline and then offer to call off the attack if you pay them a certain sum of money. Paying them off is not a good idea. If they realise you're a soft touch they'll come back again and again.

Reason 2: Because they're annoyed with you or something you've said.

Hope this was useful. If any of you ever suffered a DDOS attack please share your experience/advice.
