A severe DDoS (Distributed Denial of Service) attack hit several big hosting services. It started last week. While many of the affected host providers were able to continue delivering site pages with only minor interruptions, the attack finally crippled a few of the EIG owned hosts such as HostGator and BlueHost on New Year’s Eve day.
Think of a DDoS attack like a two lane road with a truck hauling a wide load down it. Big botnets, that have lots of computers all ganging up on a server, are like that wide load. With that much rapid fire traffic coming into the server all at once, there’s very little bandwidth left for anything else to go out the other direction on that same road. Those things would be your site pages trying to respond to requests for view from your readers.
Some of those botnets are 90,000 computers strong. That’s the kind that specifically attacked WordPress sites this past summer, and what brought the EIG server farm in Utah to its knees, all right after they acquired HostGator. (Read BlueHost, HostGator, HostMonster, and JustHost Blackout on EIG Utah Servers)
A similarly strong botnet has been on the attack again this past week. And again, several of the EIG owned companies were overwhelmed and finally went down.
CloudFlare Has Been Affected Too
In this current attack, some CloudFlare DNS resolution errors have also been reported. So, if you are using that service, there’s no need to turn it off. That won’t really help. The issue is not with CloudFlare. It’s with your host’s connection to it.
This Happens All the Time
Here’s the truth. DDoS and other attacks happen all the time. Like, every day.
No host is immune to a DDoS attack.
The attacking computers in the botnet have so many different IP addresses that it’s impossible for the host service to block them all or sometimes to distinguish which are coming from legitimate sources and which aren’t.
The fact that this happens all the time and that most of us don’t experience down sites much at all is a technological miracle. For us to see outages like the one that is happening now, the attack has to be severe.
The Best Thing You Can Do
There are lots of reasons to move to a different hosting service. This may or may not be one of them. As I stated previously, no host is immune. But, here’s where they differ.
When a server is being attacked, the host may elect to transfer all the files from it to an empty server and redirect traffic there while they work to block IPs or repair damage to the affected server.
They use the backup files they create on your behalf for that. That backup is not guaranteed. And with some hosts, you cannot use it to restore your site. It’s important that you check to ensure your disk space usage is not maxed out and that there is enough room for the host to do those backups.
If you need help with that, contact me. Let’s clean out your piles of old emails and abandoned sites and free up that disk space.
Backup Backup Backup
It’s imperative that you have your own backups
and store them off site.
When hosts move files around, they can get a glitch. If your site gets trashed, too bad. If you store your backups on your host, and that server gets hosed, too bad.
If you store your own backups off site, and use a method that makes it easy to restore, then yippie. You’re back in business in no time.
I use and recommend BackupBuddy exclusively. I store my files on AS3.
Get my free report on How to Backup Your WordPress Site to see all of the backup and storage options I have tested, plus tips and info on backup settings.
Move to Better Hosting
As I said, no host is immune to attack. That includes any host’s VPS and dedicated packages. You can pay top dollar and your site could still go down. But, it’s likely that being on those expensive packages will ensure that your files get top priority in service when an attack happens and you may never see an outage.
That’s great, if you can afford it. Most of my clients can’t. Most of them are on shared hosting packages.
Even before the blackouts, the quality of service at both BlueHost and HostGator was rapidly deteriating after EIG bought them out. They used to be my preferred vendors. But, that summer blackout was my last straw. So I moved to A2 Hosting. And I’ve taken a lot of my clients with me.
Yes, A2 is one of the host providers that is caught in the DDoS attack that’s happening right now. But, they’ve been able to keep me and my client’s sites up most of the time throughout. They have not experienced a total blackout. And email has not been disrupted either.
Ready to Go
If you’re fed up with poor service, sluggish speed, bad tech support, and too many blackouts, consider moving to a better host.
Get my A2 Hosting Migration Guide that will take you through all of the steps, including how to get a discount.
Yes, you potentially lose money every minute your site is not available. If you are losing a lot of money, then it’s time for you to consider shelling out the big bucks for hosting with privileges.
Otherwise, be patient. Every host provider is working as hard as they can to fix the problem. Some work just as hard to prevent them. In fact, A2 Hosting has become quite proactive about that and has offered all clients a free malware scan service. They want everyone to be as safe as possible, especially on shared hosting.
Secure Your Site
This attack will pass. And when it does, be ready to get your site squared away with a better backup, or better hosting, or whatever you need to do to keep your site secure. That’s what the botnet attack is all about. It’s trying to break the server through the weak spots. Don’t let your site be one of them.
For a full site security audit, contact me.
Together we’ll look at your security all the way to the core, as well as your plugins and theme, and WordPress settings. And we’ll fix everything we can right there on the spot. I’ll also provide you with a written 20-point report so you’ll know everything that is okay with your site, and everything that needs attention.