I currently have a site running on ubuntu 18.04 (droplet) and I’ve been having some issues lately. My site was down a for a couple days which appeared to be a XML-RPC attack. It seems very easy to send denial of service attacks to the service to render the services useless. The site and service is new with no income, so I don’t exactly have a large disposable income to invest at the moment on high end solutions, so I’m looking for more cost efficient methods. I have a couple of questions.
How can I better protect the server from future denial of service attacks, or any other attack for that matter?
What is the best way to offer reliability and failover protection? I’m thinking about mirroring the server on to a different droplets, location independent and possibly load balance the traffic or set up some sort of active/passive setup, in case the primary server goes down, the traffic redirects to the secondary. I have to investigate this in more depth, I assume I will require more than one DNS record, and I’m not sure how the loadbalancing with in digital ocean works. Does anyone have any advice on a failover design solution?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.