Compare DDoS Protection Hosting

DDoS (Distributed Denial of Service) attackers can bring your site — and your business — down within minutes. Not every web host provides quality protection against DDoS attacks.

Best DDoS Protection Hosting

Best DDoS Protection Hosting

There are hosting companies that specialize in DDoS protection, however. These providers typically use a variety of techniques to protect your website, including third-party CDNs like Cloudflare and proprietary software. Here’s a quick take on the best three hosts for DDoS protection:

  1. InMotion Hosting – Best Overall Hosting for DDoS Protection
  2. A2 Hosting – Best Hosting for Speed
  3. LiquidWeb – Best Managed Dedicated Hosting

How Did We Pick the Best Hosts for DDoS Protection?

We evaluated over 1,000 hosting plans, shortlisting the ones that provide specific DDoS mitigation tools, like firewalls, traffic filtering and DoS defense systems.

Next, we checked which plans provided excellent technical support and proactive monitoring.

We validated this list against real customer feedback, analyzing our huge database of user reviews.

DDoS Protection Hosting

DDoS protection is a service offered by some hosting providers. It is further offered by internet service providers and internet infrastructure companies to combat the effects of a DDoS attack.

The result of effective DDoS protection is that your website is less likely to go down when under attack. Your website visitors are also less likely to be affected by poor website performance during an attack.

What is a DDoS Attack?

DDoS stands for “distributed denial-of-service.” A DDoS attack occurs when a network of computers is used to send a large volume of requests to a web server simultaneously.

The web server’s resources are maxed out by the requests. This usually results in legitimate website visitors being unable to access the website. DDoS attacks are a convenient method for hackers and e-bandits to ransom legitimate websites and businesses. Protection, therefore, is vital.

DDoS Attacks Explained in Layman Terms

It might be easier to understand DDoS by way of analogy. Think of a web server as a store. If a large group of people wanted to block access to the store, it would be simple.

They could do so by all walking into the store at the same time clogging up the entries and walkways in the process. Thereby, they would be preventing legitimate customers from being able to access the store.

This is what a DDoS attack does. It sends a large volume of bogus traffic to a web server using up most of the server’s resources so that legitimate traffic is unable to access the server.

Hackers Love DDoS Attacks

DDoS attacks can be carried out continuously for an extended period of time. They can shut down a web server and any websites or services that rely on that server.

Some DDoS attacks are crimes of opportunity. Some hackers love to knock down some poor site that doesn’t keep up with security standards. Others are more targeted. A hacker might have a grudge against a site owner and launch an attack.

How DDoS Works

How They Work

It is usually the case that the computers sending requests in a DDoS attack do so without the knowledge of the computer’s owner. DDoS attacks are usually carried out using a botnet.

What is a Botnet?

A botnet is a network of computers infected with a malicious Trojan horse. It allows the author of the malware to use the computer to send out specific internet transmissions.

A single botnet controller can cause thousands of computers to simultaneously and continuously attempt to access a specific website or online service.

The way the process works is this:

  • Inadequate Security
  • Infection
  • Mass Infection
  • Botnet Controller
  • Activation of the Botnet
  • Instructions are Followed
DDoS Map by Norse

Norse is a popular source to use for tracking worldwide DDoS activity. Screenshot via Norse.

Inadequate Security

A computer user accesses the internet without adequate security measures in place. This leaves a loophole for a hacker to infect the computer without trouble.


The vulnerable computer is infected by a Trojan horse. From this point on, the user will struggle to reverse the process without technical knowledge of cybersecurity.

Mass Infection

The above step happens to more than one computer. Now multiple computers are infected by the Trojan horse, a malicious computer program.

Botnet Controller

The botnet controller gains control over parts of the infected machines. The botnet controller is usually the creator of the Trojan horse virus.

Activation of the Botnet

Once the infected computers are successfully acknowledged, the botnet controller activates the botnet itself. This is done remotely.

Instructions are Followed

Now that the botnet is active, all infected machines follow the instructions remotely rendered by the controller. The DDoS attack is carried out.

The Result of a DDoS Attack

The result is that the server hosting the website, the domain name server hosting the domain name, or the web server hosting the service is overwhelmed. They begin to reject requests.

When legitimate traffic tries to access the same resources, it can’t. All server resources are busy handling bogus traffic, creating chaos.

How Common Are DDoS Attacks?

How Common Are DDoS Attacks?

Unfortunately, DDoS attacks are quite common. While a small website is unlikely to be targeted in a DDoS attack, large, successful websites are targeted with alarming regularity.

Main Targets of Attack

In 2015, Verizon found that more than half of all financial institutions had been on the receiving end of this sort of coordinated attack. There are even cybercriminal organizations that specialize in initiating this sort of attack. Demanding a ransom payment to stop the attack is not uncommon.

A small website may not be targeted by a DDoS attack. Saying that, if the website is part of the same network as a larger website that is under attack, they can still see the effects of the attack. For this reason, webmasters who run relatively low-traffic sites can still benefit from picking a hosting provider that offers robust DDoS protection.

DDoS Mitigation


Defending against a DDoS attack requires a few different steps:

  • The attack has to be detected.
  • Traffic has to be identified as either legitimate or part of the detected DDoS attack.
  • Measures must be put in place to deny attack traffic while allowing legitimate traffic access to the requested server resources.

Techniques to Block or Detect Attacks

There are a variety of techniques hosts deploy to detect attacks, classify traffic, and deal with illegitimate requests. The simplest technique is to deploy a firewall. This blocks traffic originating from specific IP addresses or based on other traffic signatures.

However, this tactic is not usually powerful enough to block sophisticated attacks. In such cases more advanced blocking strategies are necessary.

FirewallBlocks traffic based upon simple rules
Traffic FilteringBlocks malicious traffic based upon network packets
Intrusion preventionBlocks traffic with illegitimate content
DoS Defense SystemBlocks traffic based on protocol and rate-based attacks

The more advanced techniques like intrusion-prevention systems (IPS) and DoS defense systems (DDS) are necessary for modern, intentional attacks.

Free firewall by Comodo

Services such as Comodo offer a free firewall. Screenshot via Comodo.

Scanning Web Visitors

Some companies, like Cloudflare, specialize in mitigating DDoS attacks. One of their features involves attempting to scan web visitors.

Scans are carried out to see if they’re human or if they’re bots participating in a DDoS attack. You might occasionally see Cloudflare’s challenge when you try to visit certain sites.

How Large Organizations Prepare

Larger web hosting companies can afford to throw more money and resources at the problem by hiring more employees familiar with security and building better networks.

It’s better to have a plan in place for DDoS mitigation before an attack occurs. You should have an idea of what’s normal traffic for your site versus what might be an attack. Did Stephen Colbert mentioned your site on his show? Then a spike in traffic is to be expected. If nothing like that happened, you might really be under attack.

New Techniques Against Evolved DDoS Attacks

As the level of sophistication of DDoS attacks rises, hosting providers are trying to outmaneuver them. Cloud providers are developing new techniques to combat DDoS attacks.

Many of them employ application layer analysis of traffic to distinguish human traffic from bots. A site having more human users than it can cope with at one time can still have the same effect.

Spotting Real Users

Spotting Real Users

Application layer analysis involves using statistical methods to predict what legitimate users are likely to do on a site. Human shoppers at an online store will search for items, browse, and pay for them using the online form.

Bots might just refresh the homepage over and over. The goal is to block bots while keeping the site up for legitimate users.

Partial Solutions and Constant Challenges

Some more blunt tools include rate-limiting and “black-holing” or “sink-holing”. This is to redirect traffic to a non-existent server. The problem with this is that actual users are affected by these attempts at mitigation.

Even with the increasing power of DDoS mitigation, hackers will always find ways around it. Similar to how nature always finds a way in Jurassic Park.

DDoS mitigation will be an arms race between hackers and site owners for the foreseeable future. Botnets are already trying to mimic human users as much as possible.

6 Things to Ask When Choosing a Host

6 Things to Ask When Choosing a Host

You should choose your hosting provider carefully if you’re concerned about DDoS attacks.

There are several things, in particular, you should ask about:

  1. Future Plans
  2. Security Updates
  3. Firewalls
  4. Third Parties
  5. SLAs and Compensation
  6. Customer Feedback

Future Plans

You should ask about any plans they have in place to mitigate DDoS attacks. It is vital to know about their alertness and preparation.

Security Updates

An up to date protocol in terms of security is a priority for any hosting provider. Do they keep up with security updates on a regular basis? If it’s their priority too, you’re in good hands.


Having adequate firewalls prevents a degree of unauthorized access. Ensure your selected host is prepared and up to date with their firewalls.

Third Parties

Third parties such as Cloudflare can be brilliant. As a CDN company, they specialize in DDoS mitigation. With a capacity of 15 tbs, they can handle large DDoS attacks.

SLAs and Compensation

Is there an SLA? If your site goes down due to a DDoS attack, you might be eligible for compensation if the contract includes DDoS mitigation. It’s important to have yourself covered.

Customer Feedback

Try talking to existing customers. Have they had any issues with the host? If so, what has been done to resolve it? This is always a good way to gain insight into their first-hand experience.

Top 3 Hosts

Top 3 Hosts for DDoS Protection

While providers like to advertise their security, DDoS prevention is only a small part and thus not usually advertised as a make-or-break feature. What hosting provider wants to be known as the one that encourages DDoS attacks against its customers?

Some providers offer higher tiers of service to those who are big targets: major companies, government institutions, and public figures.


InMotion is one site that offers DDoS mitigation. InMotion Hosting takes server security seriously. They provide DDoS protection on your VPS hosting without additional cost. Their specialized server structure provides a barrier against attacks. They have a dedicated expert team of system administrators who work to defend your home on the web. They have a 24/7 technical staff that will do their best to resolve any security issues.

Liquid Web

Liquid Web DDoS Protection Services

Liquid Web specializes in cloud hosting and VPS plans. They offer volumetric mitigation at 250 Mbps to two gigabytes per second. They also offer higher service tiers to clients who face more targeted attacks. CloudFlare is easily added to any Liquid Web account to provide optimal DDoS protection. Services can then be configured, managed, and monitored directly from your dashboard.

A2 Hosting

A2 hosting DDoS Web Hosting 1

A2 Hosting to help you keep your site safe. They provide a high capacity Reinforced DDoS Protection to increase the likelihood that your site will not be impacted by these malicious actions, expertly locate an attack, and provide quick mitigation if one occurs.

What You Should Know

What You Should Know

Focusing on having appropriate DDoS protection can eliminate hassles for you once your business is large enough to become a potential target. Hosts assist in lowering your chances of being attacked by:

  • Filtering website traffic
  • Safeguarded web servers with constantly updated security filters
  • Fake IP traffic filtering.

Frequently Asked Questions About DDoS Protection

Can a free Cloudflare account help with DDoS?

The free Cloudflare plan includes the ability to activate “I’m Under Attack” mode. If your site is under DDoS attack, activating this mode will help block much of the illegitimate traffic while letting through real visitors.

Can a DDoS attack cause lasting damage?

In most cases, the effects of a DDoS attack are temporary. However, a subset of DDoS attacks called Permanent DoS (PDoS) attacks involve attacking known firmware vulnerabilities and damaging it or replacing it with malicious software. The result is that the affected piece of hardware is rendered unusable until it is repaired or replaced.

Should I pay a DDoS ransom?

If you ever find yourself facing a DDoS attack coupled with a ransom demand most internet security experts advise against paying the ransom. If you do pay it, you can expect a short-lived reprieve followed by a renewed attack and another demand of payment. The best thing to do when facing an attack is to find partners, such as your hosting provider, who can help you fend off the attack.

How do cybercriminals get access to a botnet?

Believe it or not, you can actually rent access to a botnet. Some botnet controllers will gladly use their botnet to initiate attacks on behalf of paying customers. As a result, cybercriminals don’t have to create a botnet to gain the use of one.

Compare Popular Web Hosting Plans

Need a great web host? Want to save some time? This shortlist is your best place to begin:

  1. Popular Host Choice for 2022
    Starting at $2.75/mo View Current Deal
  2. Starting at $3.99/mo View Current Deal
  3. Starting at $2.99/mo View Current Deal
  4. Starting at $20/mo View Current Deal
  5. Starting at $2.99/mo View Current Deal
  6. Starting at $2.95/mo View Current Deal