Aug 9, 2011
tom

Does a VPS mitigate risks of a DDOS attack versus shared hosting?

Question

A client of mine has a website on a shared hosting account, and one of the other accounts on that server was targeted by a DDOS attack, which of course brought all of the websites on that server down. We’re talking about moving to a dedicated server or VPS to help mitigate this in the future. I am fully aware that this won’t prevent DDOS attacks from ever happening, but being on their own server will at least reduce the risk because they won’t be caught in someone else’s collateral damage (as much?).

But I’m wondering if being on a VPS will have any effect at all in this regard — yes the system is isolated from other systems at the software level, but my understanding is that there are still several virtual machines sharing one physical machine (and hence one physical network connection). My question is: does the quasi-isolation that a VPS offers provide any kind of benefit in terms of reducing the chances of being caught up in someone else’s DDOS attack, or do you only get that kind of benefit from being on a separate physical server?

Answer

The risks will be slightly reduced, but not eliminated obviously.

In general, there will be fewer customers on a VPS host than reside on a shared webserver, making fewer potential targets. Of course this is all completely theoretical, and there’s literally nothing that can stop a determined DDoS attack short of having a massive infrastructure scaled like say Google or Facebook.

Related posts:

  1. DDoS Mitigation with round robin DNS?
  2. defend dos attack
  3. Block All UDP traffic (to prevent ddos)
  4. DOS attack “slow post” : How to prevent in IIS
  5. Got VPS, need help understanding how to set up domain

Leave a comment