By way of utilizing Amazon Web Service for our data center services, our network is protected through the AWS Shield Standard, equipping our network with the proper enhancements to secure us from common Denial of Service threats and mitigate active attacks.
What is DDoS?
A distributed-denial-of-service (DDoS) attack is hostile maneuver designed to impede on the normal ebbs and flows of your traffic, targeting either your server, network or service. In essence, a host of internal traffic causing massive congestion and strain on your resources can be damaging to your business.
Protecting WordPress From DDoS Threats
WordPress generally finds its primary risk around DDoS attacks through targeting server resources (such as PHP consuming a large portion of memory or CPU in a small number of requests). With Amazon’s advanced network security group, their default rules filter out the vast majority of typical network-based attacks.
Note: If you’re particularly sensitive to a potential DDoS attack, adding a service like Cloudflare will provide an additional layer of protection that offers specialized hardening pertaining to DDoS threats.
Custom Rate Limiting
Beyond those measures, our NGINX layer provides rate limiting and protection from the most common application level attacks, including brute force attacks against the WordPress login.
We protect against this activity by enforcing CAPTCHAs after too many failed attempts and not allowing anyone to log in with the username/password being the same. In addition, a dynamic blocker can be configured for specific traffic patterns across any of our plans.
Amazon AWS's networking security group rules filter out most other types of network-based attacks.
For deeper stability, the Web Application Firewall (WAF) integrated into our platform works in tandem to amplify your protection even further. Future versions of our gateway stack will feature more WAF-type features.