DDOS & Cyber Security Recommendations for 101domain Clients

As we watch the events unfold in Ukraine with heavy hearts, there has been a recent escalation of cyber attacks related to the ongoing conflict. Our goal is to keep you secure and your business online during this time. Continue reading for 101domain’s recommendations and resources to protect your digital assets against DDoS and other attacks.

DDOS & Cyber Security Recommendations powered by Cloudflare

Cloudflare’s global cloud network is built to protect against the world’s largest cyber attacks. Every day Cloudflare blocks an average of 86 billion threats with over 121 Tbps of network capacity. Adding Secure Web Accelerator powered by Cloudflare to your domains means you are putting your website infrastructure behind Cloudflare to defend.

To help you prepare your organization against potential threats, we recommend enhancing your security posture with the following steps.

1. DDOS Mitigation

Cloudflare automatically protects all customers with default DDOS mitigation. Cloudflare has servers around the globe, spanning over 250 cities that run a full stack of DDOS services to identify and mitigate most DDOS attacks in under 3 seconds. When you add Secure Web Accelerator to your domains you get the best defense in the world that can combat the largest attacks ever recorded.

You can optimize additional security settings in your Cloudflare dashboard, available with Secure Web Accelerator Plus and Professional:

1. Ensure your Security Level is set to “Medium”. Cloudflare sets Security Level to Medium by default. This mode will challenge threatening visitors.

2. Set up DDOS Alerts that will send you email notifications of attacks and their severity so you can take action.

3. If you receive an alert you can change your Security Level to “I’m Under Attack!” mode to perform additional security checks to help mitigate DDoS attacks. Validated users can still access your website while suspicious traffic is blocked.

2. Activate Browser Integrity Check

Ensure Browser Integrity Check is enabled in the Settings tab of the Cloudflare Firewall app. Browser Integrity Check checks for common HTTP headers and user agents that are commonly abused by bots and spammers and denies them access to your page.

3. Activate Web Application Firewall

101domain customers with Secure Web Accelerator Plus and Professional are protected against web and application attacks and exploits with the Cloudflare Web Application Firewall. You can turn on Cloudflare managed rules and OWASP rules for additional vulnerability protection and blocking of the “top 10” attack techniques. All you have to do is enable WAF in your Cloudflare dashboard.

4. Create Firewall Traffic Restrictions

The great thing about Secure Web Accelerator Plus and Professional is that everything is customizable in your Cloudflare dashboard. You can create custom rulesets to block any threat. For example, you can restrict who can visit your website with tailored parameters that filter out traffic by Country, Continents, and IP Addresses.

This is a common practice for our clients in the banking industry. Let’s say you only cater to customers in the United States. You can create firewall traffic restrictions to block traffic and potential vulnerabilities from other parts of the world.

5. Create & Store Backups of Your Website

At the bare minimum, we recommended that our customers create and store redundant website backups on a schedule. In addition, we highly encourage you to diversify where you keep your backups.

Storing backups in different locations and environments is the ultimate insurance policy. You can back your website up to Google Drive,protected with Google’s state-of-the-art encryption, and schedule automated backups with a plugin like UpdraftPlus.