Glossary
security

DDoS Protection

Definition

Defences against distributed denial-of-service attacks, which try to take your website offline by overwhelming it with traffic.

What is DDoS Protection?

DDoS protection defends against distributed denial-of-service attacks – coordinated floods of traffic designed to overwhelm your server and take your website offline. Protection systems identify attack traffic and filter it out while allowing legitimate visitors through.

Without protection, even small attacks can knock a website offline for hours or days.

Why DDoS Protection Matters

Business Continuity

If your website is your business, downtime means lost revenue. E-commerce sites particularly vulnerable.

Reputation Damage

Customers who can't access your site may not return. Competitors benefit from your outage.

Attack Accessibility

DDoS attacks are cheap to launch. Anyone with a grudge can rent attack services.

Increasing Frequency

DDoS attacks grow more common yearly as more devices become available for botnets.

Ransom Prevention

Some attackers threaten DDoS unless you pay. Protection removes their leverage.

Types of DDoS Attacks

Volume-Based Attacks

Flood your connection with raw traffic. Measured in gigabits per second.

Protocol Attacks

Exploit weaknesses in network protocols. Target routers, firewalls, and load balancers.

Application Layer Attacks

Target your web application specifically. Harder to distinguish from legitimate traffic.

How DDoS Protection Works

Traffic Analysis

Distinguishes normal traffic patterns from attack traffic through behavioural analysis.

Rate Limiting

Caps requests from individual IPs or regions.

Challenge-Response

Presents challenges (like CAPTCHAs) that humans pass but bots fail.

Traffic Scrubbing

Routes traffic through cleaning centres that filter out attack traffic.

Geographic Filtering

Blocks traffic from regions irrelevant to your business during attacks.

Anycast Distribution

Spreads incoming traffic across multiple global locations, diluting attack impact.

DDoS Protection Options

CDN-Based Protection

Cloudflare, Akamai, and Fastly include DDoS protection. Their global networks absorb attacks.

Dedicated DDoS Services

AWS Shield, Arbor Networks, Radware – enterprise-grade protection.

Hosting Provider Protection

Some hosts include basic DDoS mitigation. Quality varies significantly.

Levels of Protection

Basic

Included with many CDNs. Stops common volumetric attacks.

Standard

Blocks more sophisticated attacks. Usually adequate for most businesses.

Enterprise

Protection against the largest attacks. Required for high-profile targets.

Getting Protected

For most websites, using a CDN like Cloudflare (free tier available) provides adequate DDoS protection alongside performance benefits. Higher-risk sites should consider dedicated DDoS services.

Related Terms

CDN

Content Delivery Network – a network of servers worldwide that delivers website content from locations close to each visitor, dramatically improving speed.

Firewall

A security system that monitors and filters traffic to your website, blocking malicious requests before they reach your server.

Hosting

The service that stores your website files and makes them accessible on the internet. Without hosting, your website can't be viewed online.

Website Security

Protecting your website from hackers, malware, and data breaches through technical measures and good practices.

Explore More Terms

301 RedirectDashboardLCP (Largest Contentful Paint)Screen ReaderZero-Click Search

Previous

Database

All Terms

Next

Decision

Want to Learn More?

Check out our in-depth guides on web design, SEO, and digital marketing.

Browse All GuidesAsk a Question