•  Home
  •  Dashboard
  •  Company
    • About Us
    • Blog
    • Careers
    • Contact Us
    • Data Centers
    • Looking Glass
    • Network
    • Reseller
  •  Hosting Services
    • Backup
    • Content Delivery Network
    • Colocation Hosting
    • Dedicated Hosting
    • DDoS Mitigation
    • IP Transit
    • Private Cloud
    • Wavelength
  •  Solutions
    • Ecommerce
    • Finance
    • Gaming
    • Hosting
    • Management
    • Security
    • System Integrator
  •  Support
    • Community
    • Knowledge Base
    • Open A Ticket
  •  USA & Canada: 800-933-1517
  •  International: 626-549-2801
  •  Email: sales@psychz.net
  • Services
    • Dedicated Servers
    • Colocation
    • Private Cloud
    • DDos Protection
    • IP Transit
    • CDN
    • Backup
  • Solutions
    • Ecommerce
    • Security
    • Gaming
    • Hosting
    • Management
    • Finance
    • System Integrator
  • Dashboard

mod_security DDoS Protection

  • Home
  • Client
  • Qa Forum
  • mod_security DDoS Protection

Posted By: Nicolas | 1 Replies | Last Reply On: Mar 06, 2018 21:41:57

Is it possible to use mod_security for DDoS protection of my server?  or should I order your hardware based ddos protection service? 

Psychz - Kamal

Votes: 0Posted On: Mar 06, 2018 21:41:57
 

"mod_security" is an Apache module which serves as a Web Application Firewall for the web server. It protects web application against attacks such as XSS, SQL injection and file inclusion. It helps you protect against malicious traffic with real-time web application monitoring, logging, and access control. 

mod_security can be very useful against DoS attacks. Dos or Denial of Service attack is an attack in which huge amounts of data is bombarded to the target server. However, in the case of a DDoS(Dedicated Denial of Service) attacks, mod_security would not be very useful. 

mod_security offers the feature of "rate-limiting" under which the incoming traffic can be restricted due to unfamiliar patterns from a single IP address. This can be effective in the case of DoS attacks where the attack is incident from a single IP address. Connections from the IP address can be denied to stop the attack.
However, in case of DDoS, huge amounts of data from thousands or millions of source IPs collectively send to the target server. Hence, it is very difficult to identify the pattern from a single IP source. 
It would require a hardware firewall with multiple layers of filtering to stop such an attack.

Moreover, it is your responsibility to configure mod_security. You will have to employ a person for configuring the rules as per your requirement. Also, the traffic will have to be constantly monitored by a team that has expertise in web related protocols such as HTTP. 

Also, mod_security is a web application firewall that will protect you against an attack on the application layer. However, a hardware firewall can protect you against TCP, UDP as well as HTTP attacks.

 

Working of a Hardware Firewall

A hardware firewall system provides you with complete DDoS protection. For instance, we at Psychz, have a complex firewall system with multiple levels of filtering. Your network is monitored 24/7 by the team and any suspicious traffic is immediately identified and dealt with. If the server is hosted in our data center, the traffic passes through our firewall before reaching your server. If you are located at a remote location, you can always announce your IP in our network and get DDoD protection. 

The data goes through many scrubbing centers that identify the suspicious traffic patterns and act accordingly.

Hence, "mod_security" is successful in the case of DoS attacks which involves a single source. But in the case of DDoS attacks, where the attack is coming from various sources at a rapid rate, an external hardware-based DDoS protection is a must.

 

To get a quote from our team please click on the link below.

https://www.psychz.net/ddos-mitigation.html#Quote

Was this reply helpful?

Related topics

  • What is DDoS and How to Protect Against a DDoS Attack
  • Buy DDoS Protection
  • 100 Gbps DDoS Protection
  • Layer 7 DDoS
  • Application Layer DDoS Protection
  • Cheap Remote DDoS Protection
  • Best Dedicated Server Hosting With DDoS Protection
  • How to temporarily/permanently enable DDoS IP diversion for a Single IP Address?
  • Complete Guide To Psychz's CDN
  • Web Application Firewall(WAF)
  • DDoS Extortion: The Latest Nefarious Twist on Cyber Crime
  • A Notorious Record Is Set - The World's Largest DDoS Attack
  • Serious New DDoS Attack Method Surfaces; Threatens Internet Providers, Businesses
  • DDoS Attacks Are Still On The Rise
  • Psychz Networks Protects Client from Massive 400 Gbps Mirai Botnet DDoS Attack
Hosting Services
  • Dedicated Hosting
  • Colocation Hosting
  • Backup
  • IP Transit
  • DDoS Mitigation
Support
  • Portal Login
  • Knowledgebase
  • Community
Company
  • About Us
  • Contact Us
  • Network
  • Data Centers
  • Looking Glass
  • Affiliates
  • Reseller
  • Blog
Policies
  • Privacy Policy
  • Acceptable Usage Policy
  • Terms and Conditions
  • Service Level Agreement
Company
  • Psychz Networks,
    A Profuse Solutions Company
    611 Wilshire Blvd #300
    Los Angeles,California 90017
    USA
  • US/Canada: 800-933-1517
  • International: 626-549-2801
Subscribe to Our Mailing List
* indicates required
Copyright © 2023 Psychz Networks, A Profuse Solutions Inc Company