CloudFlare is a popular CDN/DDoS mitigation service that is widely used in our community.  There is a free version that many hobbyists use, and of course you can pay for more services and better protection.

A common perception is that if you put CF in front of your website, you are immune to DDoS attacks.  That is true (within the limitations of CF’s capabilities) if you’re on a dedicated server.  But for a VPS and especially for shared hosting, the situation is quite different.

Let’s look at some pictures.

Here’s a typical shared hosting setup.  Could be cPanel or it could be DirectAdmin.  There’s a server with dozens, perhaps hundreds or even thousands of unrelated domains being served.  Some of them are behind CF and some are not.  Visitors are either interacting directly with these sites (for example, example.com) or are going to CF.

If the site is 100% static, then CF has no need to talk to the server after its cache is initially populated.  But that’s rare these days.  Most sites have some interactive or dynamic content.

Now let us interrupt this happy scene by introducing a bad actor.

Someone doesn’t like the content on example.com for whatever reason.  Could be political, religious, a competitor, or just someone who’s not very mature taking offense at everything.  He decides to launch a DDoS attack against that site.  It quickly becomes overwhelmed and stops responding.

But here’s the thing…

His DDoS attack might swamp the entire shared hosting server, which means that all of the sites on that server stop responding.

Yes, CF is still up and working great, but once CF can’t talk to the server, none of the dynamic content will come through.  Users will get the “you’re viewing a cached copy” message (at best).  If your site is WordPress, a forum, etc. then users effectively can’t see it.  If you’ve got a shopping cart, you can’t do business.

In short, the problem isn’t that you attracted a DDoS attack.  It’s that someone else, who has no DDoS protection such as CloudFlare, did and they’re on the same server as you.

Does this affect VPS servers?  Yes, to some extent.  It’s possible to swamp a VPS host node.  However, there are not as many web sites usually, so the number of domains that might act as magnets for DDoS attacks is smaller.  It’s really not unusual to have several thousand sites on a shared hosting server, and you don’t typically see as many on a VPS server.  People use VPSes for things other than web servers, though some of these (e.g., game servers) can be DDoS magnets in and of themselves.

The Solution

The best solution is to go with either a dedicated server or a host who providers DDoS protection for their whole network.  With a dedicated server, you’re in much more control of your fate.  Or sign up for a provider who protects their entire network with DDoS protection.

Related LowEndTalk thread this week: How You Handle Dos & DDoS Attack?

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• COMMUNITY NEWS: RackNerd LLC, Global IaaS Provider, Expands European Footprint with New Dublin, Ireland Datacenter - November 16, 2024
• Hey Providers – Want Some FREE Advertising During the SuperBowl? - November 14, 2024
• Inception Hosting is Closing Its Doors - November 12, 2024