News

The new webserver LGHOST/2.0 – how we mitigate Layer 7 DDoS attacks

It’s been a while since we informed you about what we are “cooking” here at LGHOST.

As you are aware, we host many gaming websites which are prone to DDoS 24/7, more specifically to Layer 7 DDoS attacks. While we are fortunate with Layer 3 & 4 DDoS thanks to our ISP OVH, Layer 7 attacks are a very big problem and we needed to do something about it. Basically our web hosting “cages” each user to it’s own dedicated resources which means that in case of a high traffic peek or DDoS attack it will prevent from affecting the whole infrastructure.

However this is not convenient from a customer or user perspective, because they would see very often a message like “Resource Limit Reached” and not the actual website. This issue was resolved by our team by filtering specific GET and POST attacks to prevent resource consuming as much as possible.

But let’s be serious, with all the smart hackers out there they bypassed this filtering in no time and plus amplified the attacks to millions of requests… and hundreds of unique IP’s.  At this point, the customer’s hope was completely gone and he was ready to give up his business.

So we got down to business, and developed our own webserver called “LGHOST/2.0” which is based on NGINX open source. We have made major changes and improvements to fortify and challenge browsers to it’s extent to prevent Layer 7 DDoS attacks, and the result was more than amazing: as soon as we applied this protection for this one customer only, all the millions of requests and thousands of concurrent connections made by botnets where dropped instantly.

All the incoming traffic was challenged and only legitimate visitors were able to pass, a message like below is presented:

LGHOST Layer 7 DDoS Protection

In the below image you can see the result before (19/11/2017 ) and after (20/11/2017 ) we enabled the protection for this customer:

The new webserver LGHOST/2.0 - how we mitigate Layer 7 DDoS attacks

A drastic drop from 2 million average hits to 500.000 hits on average. Now that’s impressive!


Before we enabled the new protection

After we enabled it


Before we enabled the new protection

After we enabled it


Before we enabled the new protection

After we enabled it


Before we enabled the new protection

After we enabled it


NOTE: This new protection is not enabled for everyone yet, as there is a default level of protection there already. The new solution needs more testing and tweaking before we can apply it for everyone.

It’s time to wrap this up, because we are very busy in creating new innovations and also protection everyone’s businesses.

We really hope you found our post interesting, and if you would like to benefit from this don’t hesitate to checkout our Web solutions and make your website online 24/7!

Until next time!