Cloud hosting has become widely popular. I’m sure you’ve heard the benefits: instant scalability, reduced overhead — not to mention automatic failover and load balancing. As you can see, the benefits stack up, but what you should be wary about is what’s not in the fine print.
At Rivalhost, we provide cloud hosting instances that are DDoS protected. This means you get the scalability of the cloud, while at the same time you get protection from DDoS attacks. This isn’t always the case when it comes to cloud hosting. The old adage, “you get what you pay for” is never more true than here.
What Cloud Hosting Companies Won’t Tell You
The main benefit of cloud hosting is scalability. You pay only for what you use. If you use X amount of resources per month, that is what you will be billed for. The problem here is that a single DDoS attack has the potential to destroy your budget overnight. As the malicious traffic comes in, your cloud instance scales up, and in the end — you foot the bill.
Of course, there are companies that will cut off the attack if it gets too out of hand, mostly if they feel the attack will cause issues that will affect their entire network. This is something they must do in order to protect other customers. This is not unique to cloud hosting providers, but all web hosts.
There are forms of DDoS attacks that are easily mitigated against. There are a wide variety of attacks that can be stopped at the firewall, or easily mitigated using specialized hardware. In these cases, you may or may not be on the hook for runaway bandwidth costs brought on by a DDoS attack. In most cases you will be responsible for overages that occurred before the attack was stopped, which can still be an unwelcome surprise when you receive your invoice.
You have to understand that the terms that govern most cloud hosting plans do not hold language addressing the ‘what ifs’ of a DDoS attack. They only outline what your costs are in relation to the bandwidth and resources you use each month.
Where it gets serious though is layer 7 DDoS attacks, or an HTTP ‘GET’ flood.
Layer 7 DDoS attacks mimic human behavior and can easily give off false positives that bypass traditional DDoS protection hardware and make their way to your website. That’s when the problem starts. These forms of attacks will make HTTP requests, like downloading a resource from your site over and over again, eating up resources and sending your bandwidth through the roof.
Consequently, you will be the one holding the bag (so to speak) when your bill arrives. It doesn’t take much thought to see how this can be devastating to a business that has dealt with DDoS attacks in the past, or works within an industry that is prone to attacks.
What To Ask Your Cloud Hosting Provider
The first thing you should do is talk with your cloud hosting provider. Here are some questions you should ask:
- If my website is attacked with denial of service or DDoS, will I be billed for bandwidth consumption?
- At what point will a DDoS attack be identified? Will I continue to be billed for the duration of the attack?
How To Deal With This Problem
Your best defense is incorporating DDoS protection. If you have had a problem with DDoS attacks in the past this is the best thing you can do for business continuity, especially if you work in an industry that is highly targeted and considered “at risk”.
That’s not to say that you can’t have your cloud, and use it too. There are a number of companies that offer cloud hosting with DDoS protection, but you can always partner with a company that specializes in DDoS mitigation and stay with your current host. In the event of an attack, traffic to your website would be re-routed to the DDoS mitigation company, filtered or “scrubbed”, and legitimate traffic allowed to pass through to your website.