DoS Attacks

Denial-of-service attacks (DoS) are the easiest to detect. The purpose of this type of attack is to stop the service. Unfortunately, one device is enough for the attacker to make access to the website completely inaccessible (e.g. - Slowloris attack).

domain@1x-e1682086444842

Get rid of customer complaints that don't end now!

Enjoy speed, strength, security and advanced management of cloud servers from Cloud Coden

DoS Attacks

About DoS Attacks

When a DoS attack occurs: the system slows down, server load increases, web pages fail to load, and the server can become completely unresponsive. While DoS attacks are more evident on HTTP(S), attackers also target other protocols, including FTP, SSH, IMAP, POP3, and SMTP.

Problems

  • High pressure on the server

  • Use high memory

  • Decrease in service and inaccessible server

How do we differ from other solutions?

Detection force DoS in Cloud Codeine

Cloud Coden continuously monitors the number of connections to your server. If an excessively large number of simultaneous connections is detected, HostLife automatically adds the IP address to the blacklist for 60 seconds to ensure blocking all communication from the attacking IP.

Subsequently, the IP address is moved to the graylist, allowing authorized users to remove it if there is legitimate login activity. Cloud Coden’s DoS Detection also works alongside our AntiFlood module. When repeated attempts to disrupt the service occur, the IP address will be placed on the blacklist for a longer duration.

The default setting (80 active connections simultaneously) ensures a low false positive rate and effectively prevents DoS attacks. This threshold can be configured per port, as well as for inbound and outbound communications.

Common Questions for DoS Attacks

Technical Support 24/7

How many connections from a single IP address will block it?

When an IP address exceeds 80 active connections simultaneously, it will be automatically added to the blacklist. After 60 seconds, the IP address will be placed in the graylist, allowing authorized users to remove it. You can configure the ban for each port and for both inbound and outbound communications.

Does Cloud Coden DoS detect distributed denial of service (DDoS) attacks as well?

DDoS attacks with network-layer complexity (such as SYN flooding, ICMP floods, and UDP floods) are designed to overwhelm network devices, making it challenging for servers to directly block such attacks. However, Cloud Coden indirectly provides protection against DDoS attacks. By continuously updating our global list of malicious IP addresses, Cloud Coden has already blocked most botnet networks. Typically, the same IP addresses associated with botnets are used to launch DDoS attacks, and our system automatically blocks their requests.

What ports prevent Cloud Coden DoS Detection attacks?

DoS attacks target multiple protocols, including HTTP, FTP, POP3, IMAP, and any other attacks based on the TCP protocol. By default, the following ports are monitored: 80 (HTTP), 25 (SMTP), 53 (DNS), and 22 (SSH). You can also customize the ports in the configuration.

What happens when Cloud Coden detects a DoS attack?

When an IP address exceeds 80 active connections simultaneously, it is immediately placed in the blacklist for 60 seconds to ensure blocking all active communications. This timeframe can be configured as needed. After 60 seconds, the IP address is moved to our graylist, allowing valid visitors to remove it. Valid visitors can delete the IP address using Cloud Coden’s Browser Integrity Check or CAPTCHA service.

A company specialized in providing hosting services, software development, and website creation. We offer our services to clients in numerous Arab and European countries. We excel in delivering high-quality hosting services and are listed among the leading companies in this field.