Tech Breakout Summit/202: DDoS attacks are critical to business

Is one of the reasons.

Sarah Wells: Fully understand. Just as e-commerce is mission critical, or where the overall benefits are, it is more important to understand what these attacks are if we mentioned the key points above. Michael, can you introduce various types of DDoS attacks so that people can continue to successfully conduct business on the Internet and protect themselves?

Michael Smith: When thinking about how to protect ourselves from DDoS attacks, we believe that there are three types of attacks, and each type requires different protection mechanisms. So the first category is – the first category is volume attacks. As a result, such attacks typically generate large amounts of traffic that overwhelm the network hosting the site. Another example may be that the most common type of volume attack is DNS amplification attack. This attack is a way for an attacker to generate a large amount of bandwidth using a relatively small amount of bandwidth for a specific attack. The victim. Moreover, to protect yourself from such attacks, you usually need a high-capacity network with enough bandwidth capacity to withstand such attacks.

Another attack category we consider is protocol layer attack. Therefore, they are attacks against the basic network protocols used for computer interconnection. These attacks typically target servers or the underlying network stack of these servers. This is a really common example. Perhaps the most famous protocol layer attack is SYN Flood, which uses the TCP protocol to connect from the client to the server. Essentially, SYN Flood works in such a way that these clients will start to open a connection to the server, but will not actually complete the connection process. This ensures that the server maintains this intermediate state on all clients connected to this half. With enough clients, performing this operation for a long enough time actually overwhelms the server’s status tracking table.
Then start rejecting legitimate users from connecting to the site. Therefore, the protection function for such attacks is usually to determine whether you have great ability to absorb these attacks. This may mean that depending on your capabilities, you can have multiple systems, or tens or hundreds of systems, to absorb these attacks and spread their load. You do not need to meet all the requirements on the primary application server.

The third type of attack we consider is the application layer. Therefore, in the context of a web site, the application protocol is HTTP. Therefore, this attack simulates the entire HTTP request that an attacker sends to the server by default, and performs normal operations, such as rendering a page and sending it back to the client, so that the server can respond to it. For a WordPress site, it might include running PHP code, importing data from a database, recombining data into HTML pages and sending it back to the client, etc. All operations are required. If you do this – if there are enough clients requesting the task at the same time, it can overwhelm the ability of the server to process the request.

Therefore, although this is difficult to defend, the usual method is: It’s really an ordinary method. A good starting point is to ensure that the server and network are optimized, fast and feasible. The stronger the ability to handle these requests, the less load is required to handle these attacks. In general, you can also perform actions such as enabling more aggressive caching, which is usually a good way to improve performance. However, caching can reduce the contention that the server must perform.
The other thing you can do is to activate a web application firewall rule that blocks certain types of requests based on characteristics. Therefore, if you can identify the unique characteristics of attackers and distinguish them from legitimate users, you can write rules to stop bad people and let good people in. Finally, another mechanism is that if these tools do not work, a challenge page will be introduced, or CAPTCHA is common on the web. Users are essentially required to prove the following: They are human beings. After passing the security characters, robots and other automated scrollers can access sites that cannot access the site. This can shield more effectively.

Sarah Wells: Indeed. Light column CAPTCHA is always interesting when answering questions.

Michael Smith: Identifies the school bus.

Sarah Wells: Yes. But I mentioned a very interesting thing here. There are such robots, bad actors, but also good actors. As Casey said before, there are also WP Engine customers using event based projects. Well, generally speaking, they will see the big nail. Then, I know that there is a good robot for search, social optimization or this type of operation. It is conceivable that this will be an understanding when DDoS attacks are more serious and it is more difficult to defend against them.

Michael Smith: Yes, that’s right. If the site traffic surges, it may be an attack and a good event for many people to visit the site. First, it is necessary to identify and identify whether it is malicious. This helps you determine if you are taking steps to actually block specific visitors on your site. In addition, robots are good robots for robots. All the automated rollback programs on the web site are not bad. In fact, your search engine will continue to scroll the site to generate an index. I don’t want to stop the crawler from carrying out his mission. Therefore, this will become very difficult.
In order not to have a negative impact on the legitimate use of the website, we should pay attention to how to perform this task.

Sarah Wells: Someone I heard here today said,
You can intercept from your network stack immediately before reaching the application layer later, or close to visitors. The fourth and probably most powerful approach is to protect such sites with specialized services. There are many commercial solutions to choose from. WordPress space has many vendors for people to use. Cloudflare is one of the things we often use and are familiar with here. In addition, there are many very good things, such as Fastly, security, Imperva, Akamai, etc. All of these have different types of suppliers. And they all specialize in something else. Some focus on security and some on performance. Some are more suitable for enterprises, and some are more suitable for small enterprises. But in fact, you can choose from these tools. They can sit in front of the website and provide a lot of protection by providing the ability to act as a shield against these massive attacks.

Sarah Wells: Excellent. Therefore, it is really important to use these things to defend at the forefront. Until then, Casey and Michael mentioned that we were building a partnership with Cloudflare. What are partnerships from a product perspective and how can we leverage them to expand? This is a method that does not require customer management.

Case RAIM: Yes, of course. Therefore, Michael mentioned several industry experts in this field. At this level, when we make decisions among industry experts, we have various criteria, just as we do when selecting partners. We really felt like we had found our home with Cloudflare. They have the best in class content delivery network that can solve the caching problem Mike just talked about. In fact, it provides multiple levels of DDoS protection. So, obviously, it is exactly the same as what we are talking about today. But they are also WordPress sensitive companies.
Therefore, they are committed not only to the compatibility of web application firewall and WordPress core, but also to the most commonly used plug-ins in the community.

Sarah Wells: Excellent. Therefore, from a product point of view, you may over simplify the initially understood safety accident group to a higher level of table arrangement, basic protection level and safety awareness. Is this the approach taken within WP Engine and in conjunction with the Cloudflare partnership?

Kathy REM: Yes. So we do. There are two levels of cooperation with Cloudflare. The first is advanced network. Moreover, the advanced network is actually relatively new. Here, our idea is to switch the baseline between security and performance. So, back to the steak table we just talked about at the beginning, we really improved the grade. Through the advanced network, customers can access the Cloudflare CDN network and the initial DDoS protection layer. In fact, with some image optimization. Moreover, this is free for customers of – WP Engine. Again, from our perspective, this is because when customers talk about business needs, it is actually a new standard for table shares.

Sarah Wells: I fully understand the trend of more and more frequent DDoS. As Michael said before, it is better to bake it to determine whether there is forward defense. Although there is a higher level of security awareness, we also see it here.

Case RAIM: Yes, of course. So just like we said.
