At a high level, a distributed denial of service (DDoS) attack uses a distributed group of computers (a botnet) to send a flood of requests to a server (often a webserver). This flood of illegitimate requests can cause the server to be unresponsive to legitimate requests, thereby causing an apparent denial of service to genuine users. In other words, the server under attack is so busy trying to service illegitimate server requests that it can't properly respond to legitimate requests. From the user's perspective, it appears as if the server is denying them service when, in fact, it's simply unresponsive due to the onslaught of DDoS-related requests.
DDoS attacks can range from the relatively simple (as suggested above) to the highly complex involving many attack vectors targeting multiple layers of a network stack simultaneously. Because of the potential sophistication of modern DDoS attacks, Hostwinds offers a streamlined DDoS protection service - you simply purchase one or more DDoS-protected IP addresses and use them as your public-facing IPs. Traffic on a protected IP is constantly being monitored and analyzed, if a DDoS attack is detected, a DDoS system filter is enabled to mitigate the attack.
If a DDoS attack is detected on a non-protected IP, all server traffic is null routed (thrown away) for a 24-hour period, making it impossible for anyone to access the server during this time. If the IP address remains under attack after the initial 24-hour period, a second period is triggered, and so forth.
If you should be interested in DDoS IP protection, the service fees are as follows:
Note. DDoS protection is not available for Shared Hosting and Business Hosting.
To purchase and set up DDoS protection, please file a sales support ticket: