Protecting Your Site from DDoS Attacks

Updated 25 February 2026 10 views SSL & Security

DDoS Protection for Your Website

A Distributed Denial of Service (DDoS) attack floods your website with massive amounts of traffic from multiple sources, overwhelming your server and making your site unavailable to legitimate visitors.

How DDoS Attacks Work

Attackers use networks of compromised computers (botnets) to send thousands or millions of requests to your server simultaneously. Common types include:

  • Volumetric attacks: Flood your bandwidth with massive amounts of data (UDP floods, DNS amplification).
  • Protocol attacks: Exploit weaknesses in network protocols (SYN floods, ping of death).
  • Application layer attacks: Target specific web application features with seemingly legitimate requests (HTTP floods, slowloris).

SillyHost's Built-In Protection

All SillyHost servers include basic DDoS mitigation at the network level. Our data centre infrastructure filters out the most common volumetric attacks before they reach your server. However, for comprehensive protection, additional measures are recommended.

Using Cloudflare for DDoS Protection

Cloudflare is the most effective free solution for protecting your website from DDoS attacks:

  1. Sign up for Cloudflare (free plan includes DDoS protection).
  2. Add your domain and update your nameservers to Cloudflare's.
  3. Cloudflare will proxy all traffic to your site, filtering out malicious requests before they reach your server.
  4. Enable Under Attack Mode during an active attack: go to your Cloudflare dashboard and toggle it on. This presents a JavaScript challenge to all visitors, which blocks most bots.

Additional Protective Measures

  • Rate limiting: Configure Cloudflare's rate limiting to restrict the number of requests from a single IP address within a time period.
  • Firewall rules: Block traffic from specific countries, IP ranges, or user agents that are sources of attacks.
  • Bot management: Cloudflare's Bot Fight Mode helps identify and block automated traffic.
  • Hide your origin IP: Ensure your server's real IP address is not exposed in DNS records, email headers, or other public sources.

During an Active Attack

  1. Enable Cloudflare's Under Attack Mode immediately.
  2. Contact SillyHost support so we can assist with server-level mitigation.
  3. Review server logs to identify attack patterns.
  4. Do not panic — most attacks are short-lived and stop once the attacker realises they are ineffective.

Was this article helpful?

Let us know so we can improve our docs.

Back to SSL & Security All Categories

Related Articles

Understanding SSL Certificates

Learn what SSL certificates are, how they work, and why every website needs one for security and SEO.

12 views

How to Force HTTPS on Your Website

Force all website traffic to use HTTPS using .htaccess rules, WordPress settings, or Cloudflare.

12 views

How to Set Up .htaccess Security Rules

Implement security rules in your .htaccess file to protect against common attacks and vulnerabilities.

12 views

How SSL Is Included Free with Your Hosting

Learn how SillyHost provides free SSL certificates through AutoSSL with automatic installation and renewal.

11 views