The case when the flood is useless

When a farmer cultivates his ranch, he expects that cherry tomatoes will grow wild on his plot, but in no case will the bowling championship or rally of Seventh Day Adventists be held. The creators of many online resources are similar to such a farmer as twins - sometimes they never come to mind how their virtual creations will be used. We have already described several such cases on the example of our HostTracker website monitoring service in the corresponding article . And if a farmer can stick a scarecrow in his garden (or get a good old Colt out of his holster) and turn away uninvited guests for a long time, then the owners of online hectares have to act slyly. How exactly? About this below.

Here we should say a few words about the basic function of the monitoring service, specifically about checking sites on a regular basis at a specified interval. This check is available for various protocols, including: http, ICMP and others. And in this regard, the question arises: is it possible to organize such a http-flood or ddos ​​with the help of such a service so that the site “chokes”?

Flood protection with instant checks

The easiest way to put a fat pig on the owner of an online service is an instant check, as it is available even to an unregistered anonymous user. With an instant check, the site is checked from all our points (and there are already about 50). This means that at the output you can get half a hundred requests in about a few seconds. And if you run not one, but immediately a bunch of checks at once and invoke bots to assistants? Yes, it remains only to stock up on popcorn and under the favorite overture of Doctor Evil to watch as your enemy's site bleeds.

In fact, all instant checks are analyzed and entered into our database. If someone performs several instant checks in a row, the process becomes more complicated - they have to be done with captcha, and it does not depend on whether the client comes from the same address, or from different addresses. It turns out that if we are dealing with weak hosting, which does not hold more than 50-100 requests, then it is possible to lay such a resource on the blades without much bothering. At the same time, sites with medium and high flow of users will not notice such a “hacker” attack at all.
')

Protection against unauthorized regular checks

And now the good news! First, to regularly check any site, registration is required. Of course, dreamers who generate fake nicknames for days and register under them like carp during spawning. However, it is not possible to create two checks of the same URL from under one account. With a minimum interval of 1 minute it does not carry any danger.

Secondly, the craftsmen who create a lot of accounts and lead them to the same sites, the administrator of our system is looking for a special analyzer of accounts and tasks. Such accounts are mercilessly deleted, and the domains are put on the list that is prohibited for verification until the circumstances are clarified. In a word, a hacker will not be able to create a serious load for any long period of time (it is said cheerfully and confidently).

From time to time, the owners of online resources who are not customers of our service turn to our "editorial office" with complaints of unauthorized checks. If you get closer to them, it almost always turns out that these people are the clients of our clients: developers, designers, SEO specialists and others who use our service in their work. After analyzing all the requests, we can declare: there were no serious failures and errors that could entail any substantial damage.

This fact gives us every reason to be proud of our algorithm for shooting unauthorized use of our system.

Is it possible to spam anyone you need?

A question that is sometimes asked by new customers or those who have suddenly discovered the undiscovered potential of our service.

In order to receive alerts, you must register your contact using a confirmation code. That is, at least, you need access to the mailbox / Skype account / phone number of the addressee of "spam". Therefore, accidents are excluded here.

There is also a “re-alert” feature, recommended for critical sites. In this case, alerts will be sent periodically until the site starts working again. It happens that the client automatically puts all the checkmarks, and then he is surprised at the huge number of messages that have accumulated overnight.

It also sometimes happens that in large companies one employee is responsible for monitoring, configures the service, adds contacts (with the consent of all users), signs them for alerts. And then it turns out that he signed erroneously, and colleagues receive SMS on foreign sites. And the creator at this moment on vacation / business trip / quit. But our guilt is not in this case, and we promptly solve such situations.

Checks and site statistics

And finally, we want to answer a question that excites many customers vividly: Do checks spoil website statistics? ”

The fact is that our agents make http-requests to checked sites, but they do not execute JavaScript. That is, our robots do not affect the statistics of external analytics systems, such as Google Analytics and Yandex Metrika. But if you use the local analytics system, here our requests will, of course, appear. This “feature” was noticed by a representative of one Asian country who wrote about it at some local forum, after which every respected webmaster from this country used HostTracker to cheat the counter of visits to their sites. The struggle lasted for several years, and in the end it ended in our victory - either the level of education in this country grew and people realized that they were not real visitors, or the post on that forum is outdated ...

In order to eliminate the impact, you need to tweak the settings of your statistics system a little - for example, filter by the user agent field or add the IP addresses of our servers to the ignored list.