DDoS (Distributed Denial of Service) is a distributed denial of service attack. Network resource fails as a result of multiple (too many) requests sent to it from big number of compromised computers. Usually the attack is organized via botnets. The attacker infects the computers of careless Internet users. Infected computers act as "zombies" and send meaningless requests to the victims server.
A well-planned attack can disable almost any unprotected resource: from a business card site to a large corporate portal. Processing millions of requests, the server first “slows down” and then stops working altogether. When attacking VDS, all users of a physical server are affected, since all VDS on it share a common communication channel. In this case, the data center is also experiencing a huge load on the network connections, because it passes through all “zombified” traffic.
A DDoS attack can be relatively easy bought on the black market and used against any network resource that doesn’t please somebody.
It is no secret that sites, created to make business are being attacked most often. Few hours of service interruption for an online business converts to severe losses due to complete stop of orders.
When you launch promotion or announce new product a DDoS attack may strike your website. Most often such attacks are the machinations of your competitors. You can encounter “revenge attacks” or attacks for ideological reasons. Blackmailing for cash can be another reason.
The server is “down” - the victim suffers from losses. Unfortunately, the hosting provider will not be able to detect and report the names of entities responsible for the DDoS attack - it is almost impossible to find them.
Attacks are fundamentally different in terms of the level and in method to deal with them:
Our monitoring system quickly detects an attack and automatically blackholes the IP address of the server that is being attacked and propagates the blackholed IP address to the connected Internet service providers. Blackholing lasts while attack is active to prevent the negative impact on other clients. Attack detection algorithm analyses packet rate and size of packets destined to the attacked address, as well as the amount of incoming traffic.
You can access the server by activating an additional IP address on it through your personal account (in BILLmanager interface). For a server with OpenVZ virtualization, this will be enough to connect to the server via FTP or SSH. For KVM server, you need to contact support with a request to assign an additional IP address.
If you need access via the control panel of ISPmanager, you should contact support after assigning a new IP address - the staff will reconfigure the panel to operate on a new IP address.