September 5, 2014
Over the past week and a half Varial Hosting has been the victim of two extremely large denial of service (DDOS) attacks that have targeted our DNS name servers in an attempt to overwhelm and take them offline. These attacks have caused outages and intermittent connectivity issues for many users.
It is unknown if the attacks were targeting a particular website hosted on our network as the attackers directed the attacks at our name server IPs to take down its underlying architecture rather than limiting it to a specific website.
Due to the volume of the attacks our network providers were forced to null route and drop all connections to affected IPs to protect our servers and network from damage. The null routes were lifted after roughly six hours during each incident when the attacks were confirmed to have ceased.
During the first attack we were able to restore service to the majority of our servers that were not under direct attack by temporarily changing the IP of our NS1 name server. This limited the attack to just our shared IPs on our Apollo and Luna servers and restored service to our own website so we could better communicate with our customers on the issue.
Our attempts to restore partial service during the second attack were unsuccessful as the attackers quickly began targeting the alternate IPs we assigned to our name servers. To prevent extended downtime of our own website and email we activated CloudFlare's security service on our own domain to bring it back online so we could continue to answer questions sent to us regarding the incident. CloudFlare is a free content delivery network and cloud security layer that our clients may activate through their control panels.
We are currently working hard to investigate and impliment additional measures to limit the impact of denial of service attacks on our network. We are starting by fully separating our DNS name servers from our web hosting servers. Our name servers are currently being moved to new servers that we have setup and spread across the globe on IPs that feature automated DDOS mitigation. This will limit the impact of DDOS attacks targeted at our name servers and will help to keep all other servers online if specific servers or IPs are ever targeted by an attack in the future.
We would like to sincerely thank you for your patience and understanding during these incidents. In our 11 years in business we have never seen attacks of this magnitude or suffered such lengthy outages. We understand that any amount of downtime is just as damaging for your business as it is for our own.
We will continue to explore all options to further protect and secure our customers.
Ryan Smith, CEO