: Is Hosting My Web Apps at Amazon EC2/S3 an Adequate Defense Against DDOS? Reading how an online news portal Sarawak Report was under massive, well-funded, sophisticated DDOS attack and unable
Reading how an online news portal Sarawak Report was under massive, well-funded, sophisticated DDOS attack and unable to function as normal, I wonder what should normal webmasters do in the light of such an event.
Do you think that if I host my web app at Amazon EC2/S3, then I am safe from DDOS? I thought that Amazon ( or Google App Engine) should have a better security measure, and better idea on how to stop this kind of abuse.
What do you think?
More posts by @Goswami781
1 Comments
Sorted by latest first Latest Oldest Best
No, hosting on Amazon EC2 is not adequate protection from DDoS.
According to one of the AWS engineers, "Once you have exposed your instance on a particular port (or set of ports and protocols) using EC2 authorize, there is no explicit DDOS protection offered by EC2."
forums.aws.amazon.com/thread.jspa?messageID=208949
There is a well documented case where bitbucket.org was knocked off the web for most of a day because of a DDoS when they were hosted on EC2. This is not pointing the finger at Amazon, but just to highlight that their cloud doesn't automatically make things perfect. You can read Bitbucket's account of the attack here:
blog.bitbucket.org/2009/10/04/on-our-extended-downtime-amazon-and-whats-coming/
Having said that, there are lots of resources available on the Amazon forums on how to protect yourself from and mitigate the effects of DDoS attacks. Some of the techniques apply to any web architecture, some are specific to AWS. Plenty of reading for you here:
forums.aws.amazon.com/search.jspa?objID=f30&q=ddos
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.