February night DDoS attacks exceeded 133 Gbps, peaked at 300 Gbps

On the night of 18.02.2022 to 19.02.2022, we experienced the strongest DDoS attacks on our infrastructure since April 2021, when we were hit by probably the strongest attacks in the history of the Czech Internet. Back then, for a brief moment, it managed to clog three 100 Gbps routes. This time it wasn’t so much about power but length, and apart from a few customers, no one noticed the attacks.

Continue reading “February night DDoS attacks exceeded 133 Gbps, peaked at 300 Gbps”

How we protect our customers’ websites from backdoors and other malicious files

Two weeks ago, rather for the sake of interest, we published a detective story How we protected our customers’ websites from a critical bug in the WordPress plugin ThemeGrill Demo Importer. We didn’t expect it to generate such a response and get so many inquiries. That’s why we decided to write another example of the work of our security team.

Continue reading “How we protect our customers’ websites from backdoors and other malicious files”

Better and stricter filtering of attacks and unnecessary robots in web hosting

In the second half of 2015, we launched our IPS/IDS (Intrusion Prevention Systems and Intrusion Detection Systems). At first it was only tasked with monitoring traffic on our servers (it was an IDS). We were surprised by the huge number of attacks. For example, the number of attacks on the WordPress login page (wp-login.php) averaged 8 per second. Early last week (15.4.2019) we compared it and it was already a whopping 63 attempts per second. And we can only detect activity on HTTP so far. However, more than half of our services already use HTTPS.

Continue reading “Better and stricter filtering of attacks and unnecessary robots in web hosting”