A distributed denial of service (DDoS) attack is an attempt to flood a website or online service by overwhelming it with traffic, rendering it unusable.

If you’ve experienced DDoS attacks before and your website is a news or independent media site or a human rights site, you can apply for free DDoS protection through Google Ideas’ Project Shield at https://projectshield.withgoogle.com/public/. Public interest websites (such as minority rights organizations, independent media outlets in the developing world, global citizen journalist sites, etc.) can apply for free DDoS protection through CloudFlare’s Project Galileo: https://www.cloudflare.com/galileo.


You can talk to your hosting provider about ways to defend against malicious traffic through DDoS attack protection. One good option is to sign up for a CloudFlare account, since the company offers a basic level of DDoS protection under its free (and $20/month) plans. If your site is under DDoS attack and the basic protection doesn’t help, you can upgrade to a business account for $200/month to get it back up quickly.

Sucuri offers some DDoS protection with services ranging from $9.99 to $69.93/month. Another option is Incapsula, which provides a free 24-hour trial for its Instant Protection service if you’re under DDoS attack, as well as a 7-day free trial. DDoS protection through Incapsula’s business plan is $299/month. Some web hosting plans, such as OVH, offer DDoS protection as well.  

If you want a backup site option in case of DDoS attack, consider setting up a Tumblr account to mirror content on your site if needed. The site has very good security and you can redirect your readers to your Tumblr site while getting your site back up, as New York Magazine did when its site came down after it had published a photograph of its magazine cover showcasing 35 accusers of Bill Cosby.

If your domain is connected to providers like Wix or Squarespace, it is difficult to configure DDoS protection like Project Shield or CloudFlare. However, these services all provide automatic back ups and use a CDN (Content Delivery Network) server, which is an interconnected system of cache servers in different geographical locations. Both Wix and Squarespace are built to support high-traffic sites. Those wanting to attack your website thus have to attack Wix and Squarespace in order to bring down your website.

Check out more digital hygiene tips:

  1. Removing public data
  2. Privacy protection on domain names
  3. Https everywhere
  4. Anonymous “Tor” cloak or VPN
  5. Prepare for a DDos attack
  6. Two-step verification
  7. Privacy plug-ins/cookies
  8. Third-party permissions
  9. Image “hidden pixels”
  10. Links and attachments
  11. Install patches and updates
  12. Use a password manager/strong password
  13. Strengthen security questions
  14. Encrypt hard drive/backup data
  15. Click to play
  16. Use end-to-end encryption

Published by michelleferrier

Executive Director, Media Innovation Collaboratory; Founder, Troll-Busters.com | Online Pest Control for Women Writers and Journalists;

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: