I’ve looked around and asked others about DoS attacks and protection against them, but cannot come to an understanding about this.
My web host service gave me a package which includes DoS protection by default… Does this mean I don’t have to worry about throttling invalid user attempts on my website?
Well that’s going to help at a domain level…not knowing what your package entails, it should help but it will depend on what software you use (if you do) on your website.
For example, I run a self-hosted Wordpress site for a group in my city. We get targeted because we use Wordpress. It’s not complete Denial of Service but it can amount to such. I had to invest in plugins that will help me maintain security and keep these attacks from bringing down my site. My package, gets me some help when this happens (always fun when a security company calls you at midnight to say your site is compromised) but by being proactive, I can remove the attacks before they result in a full DoS. I currently run three or four wordpress sites and only one has this issue.
So YMMV but code your app and check any software you use for security.
I’m not using any software, creating the websites from scratch using a tech stack. It seems that using WordPress/a CMS is disadvantageous in this regard (i.e. it’s a higher target for DoS attacks)? Since, the attack is done on the domain itself and not the website add-ons?
It can be. We speculate they target that site since it’s a club site and they assume we are making money (we are not, so it’s a laugh). they are trying to generate drug revenue and might take our site down to do it.
You should be okay as long as you keep an eye on security for any user input / login (if you have those things). If you’re not using precreated software then other factors to keep in mind.
If you become mind blowingly popluar…general uses can flood your web service. Think commercial at the Super Bowel popular…doesn’t happen as often these days but it generally means you need to pay for more bandwidth.
Some one hates with the no how hates your political views/religious views/gender
Some one wants your business…this back on the popular side
You piss some one off…see #2
Everyone on one ISP, Host, cloud service or Node goes down - not likely but does happen
Script KIttys with nothing better to do…again unlikely. They tend to target software and only stick around long enough to post a screen shot of their attack on some brag site. They tend to leave a trail because they like the attention.
Oh okay good, now I feel less lost than I was