How should the website be protected against CC? CC attack is a type of DDOS (distributed denial of service). It is the attacker who uses proxy servers or a large number of broilers to simulate multiple users to continuously visit the target website, generate legitimate requests to the victim host, occupy the resources of the target website, and make normal users Service requests cannot be responded to in time, realizing masquerade attacks.
In recent years, the Internet industry has developed rapidly. Because of the huge profits, competition is also fierce. Game websites, chess and card websites, including corporate websites, entertainment websites, shopping websites, etc., have crashed websites and server systems due to various cyber attacks. Customers cannot access normally. If CC protection measures are not taken, it will lead to the following consequences:
1. Affect normal business, cause server abnormalities, frequently fail to open websites or applications, fail to access, freeze, etc.;
2. Leading to the loss of customers. For e-commerce, online business and applications, if users cannot access normally, it will definitely lead to the loss of a large number of users;
3. Economic losses are caused, peers compete maliciously, and CC attacks are launched. Then the attacked party will spend a lot of extra costs, and there may also be extortion in the financial industry;
4. Increase operation and maintenance costs. If you are under attack, you may need to upgrade the original hardware configuration and bandwidth if you want to restore normal use, or even hire professional operation and maintenance personnel to deal with the attack.
So, what should we do after the website is attacked by CC? For CC protection, a variety of methods must be adopted, and these methods are essentially improving the concurrency of the server.
1. Server vertical expansion and horizontal expansion or server replacement;
2. The data cache uses memory-based nosql cache services such as redis and mem-cached, and is separated from the application server and deployed separately in the LAN;
3. The page is static, reducing the pressure of data retrieval and calculation on the server side;
4. Use Session to set the user's call frequency limit;
6. The server operating system itself has the ability to resist attacks, and you can choose an enhanced TCP/IP stack to enhance CC protection capabilities;
7. Server front-end plus CDN relay, hide the real IP of the server;
Make sure that the web server is or has been subjected to CC attacks, and effective CC protection can be carried out: domain name spoofing resolution can be performed to realize attackers attack themselves, or cancel domain name binding, so that CC attacks lose their targets. You can also set the IP blacklist for CC attacks in the firewall, but it is easier to add normal users to the blacklist. If the attacker mainly launches the attack through the attack port, we can defend the attack by modifying the web port. Finally, you can also install a firewall to defend against attacks.
This article is from: https://www.zhuanqq.com/News/Industry/284.html