分布式拒绝服务 ( DDoS ) 攻击随时可能发生在任何人身上。如果您有一个^{(you have a website)}在专用 Web 服务器上运行的网站，那么了解什么是DDoS攻击、如何识别它以及如何阻止和防止它是很重要的。

什么是 DDoS 攻击？

分布式拒绝服务攻击是指黑客使用僵尸网络在很短的时间内向您的 Web 服务器发送大量HTTP请求。^(HTTP)

僵尸网络是互联网上的一个非常大的计算机网络，这些计算机感染了病毒，将它们转变为黑客软件的中继站。僵尸网络中的大多数计算机都是被病毒感染的普通计算机，而用户甚至没有意识到这一点。

在正常运行期间，Web 服务器向访问者提供您的网页，如下所示：

• 一个人在他们的网络浏览器中键入您的URL 。
• Web 浏览器向网站URL^(URL)发出HTTP请求。
• 您的 ISP 的DNS 服务器^{(DNS servers)}将URL转换为 Web 服务器的正确 IP 地址。
• HTTP请求通过Internet 定向到 Web 服务器。
• Web 服务器使用URL中请求的页面来查找正确的HTML文件。
• Web 服务器使用该HTML文件中包含的所有内容进行响应。
• 用户的浏览器接收HTML文件并向用户显示页面。

大多数 Web 服务器的大小都配备了CPU和网络硬件，以处理每天的平均预期流量。对于某些网站，一天内访问量可能高达十万甚至一百万。

但是，希望通过DDoS攻击来攻击您的网站的黑客将利用来自世界各地的数百万台计算机的僵尸网络，每秒向您的 Web 服务器发送数千个HTTP请求。^(HTTP)

由于您的 Web 服务器的大小不适用于该流量，因此 Web 服务器将使用错误消息“服务不可用”来响应您的常规网站访问者。^{(Service Unavailable.)}这也称为HTTP错误 503。

在极少数情况下，当您的站点运行在一个非常小的 Web 服务器上且可用资源很少时，服务器本身实际上会冻结或崩溃。

如何识别 DDoS 攻击？

您如何知道您的网站是否因DDoS攻击而关闭？有一些症状是致命的。

通常，上面描述的HTTP 错误 503^{(HTTP Error 503)}是一个明确的指示。但是， DDoS^(DDoS)攻击的另一个迹象是带宽非常强劲。

您可以通过使用您的网络主机登录您的帐户并打开Cpanel来查看此内容。向下滚动到Logs部分并选择Bandwidth。

过去 24 小时的正常带宽图表应该显示一条相对恒定的线，除了一些小的尖峰。

但是，最近一个小时或更长时间保持高位的不成比例的带宽峰值清楚地表明您正面临 针对您的 Web 服务器的DDoS攻击。^(DDoS)

如果您认为自己发现了正在进行的DDoS攻击，那么迅速采取行动很重要。^(DDoS)这些攻击会消耗大量的网络带宽，如果您为托管服务提供商付费，这意味着他们的数据服务器将经历同样的带宽峰值。这也可能对其其他客户产生不利影响。

如何阻止 DDoS 攻击

如果您面临DDoS^(DDoS)攻击，您自己无能为力。但是通过致电您的网络托管服务提供商^{(your web hosting provider)}，他们可以立即阻止所有传入您的网络服务器的HTTP请求。

这会立即减轻对 Web 服务器的需求，从而使服务器本身不会崩溃。它还可以防止攻击对托管服务提供商的其他客户产生不利影响。

下一步是等到DDoS攻击结束。

这种攻击实际上需要大量的黑客资源。通常，攻击是由想要关闭您的网站的人支付的。这些付款是针对持续特定时间段（从一个小时到几个小时）的攻击。

好消息是攻击将会结束。坏消息是，通过在攻击结束之前阻止到您的 Web 服务器的所有流量，想要关闭您网站的人基本上赢了。

如何击败 DDoS 攻击

不幸的是， DDoS攻击是一种在短时间内关闭网站的简单且廉价的方法。

这些攻击永远不会是永久性的，但它们旨在发送信息。这意味着您在您的网站上发布的内容足以让某人感到不安，以至于他们愿意花钱请黑客攻击您的网站。

如果您经营一项重要的在线业务，例如大型企业，并且需要您的网站能够抵御DDoS攻击，这是可能的，但并不便宜。

DDoS 保护服务通过建立一种比运行DDoS攻击的僵尸网络更大的反僵尸网络来工作。这会为传入的HTTP^(HTTP)请求创建分布式响应，即使这些请求有数十万或数百万个。

这些服务附带每月服务费。但是，如果您发现自己经常成为DDoS^(DDoS)攻击的受害者，那么这些DDoS 保护服务可能非常物有所值。

DDoS 攻击充其量只是一个小麻烦，会导致您几个小时的网站停机时间。在最坏的情况下，它可能会让您失去大量的在线业务，更不用说信任您网站的客户减少了。

了解如何识别DDoS攻击以及如何阻止它可以减少您的停机时间，并减少您和您的托管服务提供商从中恢复所需的时间。

How To Identify a DDoS Attack On Your Server & Stop It

A distributed denial of service (DDоS) attack can happen to anyone, at any timе. Іf you have a website that’s running on a dedicated web server, it’s important to understand what a DDoS attack is, how to identify it, and what to do to stop and prevent it.

What Is a DDoS Attack?

A distributed denial of service attack is when a hacker uses a botnet to send your web server an overwhelming number of HTTP requests in a very short period of time.

A botnet is a very large network of computers across the internet that are infected with a virus that transforms them into a relay for the hacker’s software. Most computers on a botnet are regular computers that have become infected by a virus, and the user doesn’t even realize it.

During normal operation, a web server provides your web page to visitors as follows:

• A person types your URL into their web browser.
• The web browser issues an HTTP request to the website URL.
• Your ISP’s DNS servers converts the URL into the correct IP address of the web server.
• The HTTP request gets directed across the internet to the web server.
• The web server uses the page requested in the URL to find the correct HTML file.
• The web server responds with all of the content contained in that HTML file.
• The user’s browser receives the HTML file and displays the page to the user.

Most web servers are sized with CPU and network hardware to handle the average expected traffic per day. For some websites, that could be up to a hundred thousand, or even a million visitors in one day.

However, a hacker hoping to attack your website with a DDoS attack will utilize a botnet of millions of computers from around the world, to send thousands of HTTP requests per second to your web server.

Since your web server wasn’t sized for that volume of traffic, the web server will respond to your regular website visitors with the error message, Service Unavailable. This is also known as HTTP error 503.

In rare cases where your site is running on a very small web server with few available resources, the server itself will actually freeze or crash.

How To Identify a DDoS Attack?

How do you know if your website just went down because of a DDoS attack? There are a few symptoms that are a dead giveaway.

Usually, the HTTP Error 503 described above is a clear indication. However, another sign of a DDoS attack is a very strong spike in bandwidth.

You can view this by logging into your account with your web host and opening Cpanel. Scroll down to the Logs section and select Bandwidth.

A normal bandwidth chart for the last 24 hours should show a relatively constant line, with the exception of a few small spikes.

However, a recent disproportionate spike in bandwidth that remains high over an hour or more is a clear indication that you’re facing a DDoS attack against your web server.

If you believe you’ve identified a DDoS attack in progress, it’s important to act fast. These attacks consume a lot of network bandwidth and if you’ve paid for a hosting provider, that means their data server will experience the same spike in bandwidth. This can have an adverse impact on their other customers as well.

How To Stop a DDoS Attack

There is nothing you can do yourself if you’re facing a DDoS attack. But by calling your web hosting provider, they can immediately block all incoming HTTP requests headed toward your web server.

This instantly relieves the demand on your web server, so that the server itself won’t crash. It also prevents the attack from adversely affecting the hosting provider’s other customers.

The next step is to wait until the DDoS attack is over.

Such an attack actually requires significant resources for hackers. Usually, the attack is paid for by someone who wanted to shut your website down. These payments are for an attack that last a specific period of time, from an hour to several hours.

The good news is that there will be an end to the attack. The bad news is that by blocking all traffic to your web server until the attack is over, the person who wanted to shut down your website essentially won.

How To Beat a DDoS Attack

Unfortunately, DDoS attacks are a simple and inexpensive way to shut down a website for a short period of time.

The attacks are never permanent, but they’re intended to send a message. It means that something you’ve published on your website upset someone enough that they were willing to pay hackers to attack your site.

If you run a critical online operation such as a large business, and need your site to be resistant to DDoS attacks, it’s possible but it isn’t cheap.

DDoS protection services work by establishing a sort of counter botnet that’s larger than the botnet running the DDoS attack. This creates a distributed response to the incoming HTTP requests, even if there are hundreds of thousands or millions of those requests.

There are monthly service fees that come with those services. But if you find yourself a frequent victim of DDoS attacks, these DDoS protection services may very well be worth the cost.

DDoS attacks can be at best a minor nuisance that causes you a few hours of website downtime. At worst, it could cost you a significant amount of lost online business, not to mention a drop in customers who trust your website.

Understanding how to identify a DDoS attack and how to stop it could reduce your downtime, and reduce the time it takes for you and your hosting provider to recover from it.

Related posts

• 如何使用CMD在Website上执行DDoS Attack

• 如何将您的计算机变成 DLNA 媒体服务器

• 如何隐藏您的 WiFi 并阻止陌生人登录

• 如何设置自己的电子邮件服务器

• 如何在域中查找 NTP 服务器以同步所有 PC

• 如何将 Xbox One 或 Xbox Series X 恢复出厂设置

• 如何在 Windows 上打开 JAR 文件

• 如何将多页扫描成一个 PDF 文件

• 如何让您的 PC 软件自动更新

• 3 个在您的服务器中播放音乐的最佳公共 Discord 机器人

• 使用这 3 个电子邮件客户端创建 Gmail 桌面应用程序

• 月球照片的 6 种最佳相机设置

• 使用 Netstat 查看 Windows 中的侦听端口和 PID

• 关闭特定应用程序的用户帐户控制 (UAC)

• 如何禁用 Windows 键

• 如何在 Windows 7/8/10 中删除 Windows.old 文件夹

• 如何在 iPhone 和 Android 上扫描二维码

• 如何使用 Firefox 专用网络在线保护自己

• 如何将 WEBP 图像转换为 JPG、GIF 或 PNG

• 如何在 Microsoft Teams 中创建团队