DDoS Protection | KnownHost

DDoS Protection

KnownHost offers complementary DDOS protection on All Managed product lines!

We offer protection up to 3 Tbps (3000 Gbps) for bandwidth and packet intensive attacks designed to take your website offline by flooding it with more traffic than it can handle. We use multiple layers of identification and filtering hardware and services to help ensure your website remains online during these attacks. See below for examples and types of attacks covered.*

Person

Types of attacks covered:

check mark UDP Floods
check mark Syn Flood
check mark NTP Amplification
check mark Volume Based Attacks
check mark DNS Amplification
check mark Fragmented Packet Attacks

Exceptions:

Our DDOS protection is not intended to protect against Layer 7 or application layer attacks. Many of these can be handled at a server level by using firewalls, mod_security or locking down your website code. Some examples of items not covered under our DDOS protection are below.*

check mark Brute force login attacks
check mark Email / Spam Floods
check mark XMLRPC floods
check mark IPv6 Null Route Only
check mark Low level HTTP traffic floods
Person

KnownHost Security - DDoS Protection.

At KnownHost, we take website security very seriously, because we know the potential losses a business can incur whenever a security breach takes place.

We start with high-end hardware and network appliances, overlay secure operating systems and software components which we then optimize to both perform and be secure.
We provide SSL certificates and integrate easy to use software like Imunify360.
But our first line of defense is in the network. Our DDoS protection intervenes, protecting your server, files, databases, and emails before they ever hit your server.

Your Role in Protection

DDoS is a type of brute force attack designed to send a flood of requests in the hope of disrupting the normal operation of a server or web service. But there's much more to protection than just dealing with a large DDoS. Many of those things can be handled by you. Read on to find some of the ways you can help secure your server and protect your company information.

Restrict Login Attempts

There are a number of ways to stop multiple failed login attempts in quick succession, depending on which port/method is being used for the attempt. For example, with SSH it is handled by the CSF/LFD daemon installed on our VPS, Dedicated and Cloud products.

Ban Users After Failed Logins

You could use Config Server Firewall (CSF), iptables or other firewall-based methods. In fact, there's a dozen or more ways to do this - the important thing is that YOU DO THIS!

Monitor Log Files

We can have all the best hardware and software (which we do, by the way), but what really matters is our people. We have nearly two decades of experience in the hosting industry and many of our people have been here since the beginning. They not only have the expertise to do the job right, but the drive to do it better than anyone else.

FAQ Icon

Need More Information About
DDoS Protection?

If you haven't implemented public keys, now is the time. Make it more difficult for system compromises with this small step-change.

Why make it easy for hackers? Changing the default port for SSH is an easily implemented change that adds one extra layer of protection. It should be a part of the plan - not the whole plan, though.

It costs KnownHost an arm and a leg to build this secure infrastructure. But... We know this is critical for businesses, so we provide it as a FREE service to all of our hosting customers.

We have a full page about premium SSL certificates, but our high-value shared and reseller hosting plans include a free SSL certificate to get your started.

In addition to the above server level things, within WordPress you can: change the default admin username, giving admin much less permissions, password protect wp-login.php, limit access to wp-admin by IP address, deny no-referrer requests, consider blocklists - and many, many more. It pays to learn about securing WordPress, and use more than one single solution to protect yourself.

Start with all the above, then customize the Magento path, don't use admin for administrative tasks, use strong passwords, protect the /download folder via .htaccess, enable https for admin panel, keep everything fully updated to avoid easy exploits - and many, many more. Again, it pays to learn about the many different ways, and employ more than one of them to secure your Magento installation.

Stars