Then, how can we determine whether the website is under DDOS attacks? In summary, when the website is under DDOS attacks, the following symptoms may occur: If the website server has all of the following symptoms, the website is basically determined to be under DDOS attacks.
1. The normal services provided by the website become abnormal.
This symptom is: The Webpage Browsing and uploading services provided by the website server become extremely slow or no longer provide services. For example, if you submit a Forum website, the normal page cannot be opened or the website can be opened very slowly. If a DDOS attack occurs, this will happen. However, it may also be because of website bandwidth or other causes. Therefore, you need to consider other symptoms.
16:28:15 upload
Download Attachment(11.8 KB)
2. The server processing capability is full.
If the website administrator finds that the CPU and memory consumption on the normal server is very high and the CPU usage is 100% for a long time, it is very likely that DDOS is caused.
16:29:39 upload
Download Attachment(41.18 KB)
3. network congestion.
If a large number of illegal or forged data packets appear on your network, this is also one of the symptoms of DDOS. The most typical case is that multiple websites under the same IDC cannot be accessed. This is due to the influx of massive and unimaginable data to the entire IDC entry node, resulting in DDOS removal of the IDC, as a result, all websites in the IDC cannot be accessed and services are stopped. For a single IP address of the website server, the situation will be more obvious.
16:30:25 upload
Download Attachment(14.58 KB)
4. Frequent server crashes or restarts.
If a DDOS attack occurs, especially when the CPU usage remains at a high risk of 100%, the server restarts repeatedly.
Therefore, it is necessary to determine whether the server has suffered DDOS attacks in multiple directions. A single symptom is that the website cannot be accurately identified as suffering from DDOS attacks. If symptoms occur and are correlated with each other, in this way, you can locate DDOS attacks to determine DDOS attack types and build a defense system.
Author Eesafe