Rogue Security Labs Presents: Domain Name DDoS Mitigation

** EDITOR'S NOTE 4/08/2019: I employ advanced and custom DDoS mitigation techniques that block attacks before they even happen, without Cloudflare and the like. Last week's attack was the first DDoS attack to bypass all my protocols, requiring a new custom fix – which is how I found this solution. In my line of work, DDoS attacks and/or threats of them occur weekly. This was hardly the first Layer 7 attack I have seen or been threatened with; it was an entirely new attack version requiring a unique fix. **

Outside of writing/producing articles for my subsidiary – Rogue Media Labs – I own and operate my own online security business – Rogue Security Labs – with an extremely private and limited group of clients. My primary objective here is simple: create a website that no one can hack, crack or crash. However, what makes me unique is the fact that I am an activist at the core, so I am attempting to develop world-class security measures, mitigations and techniques that anyone can essentially implement for free – outside the regular cost of hosting a website. This way, anyone in the world can learn to secure themselves if they really want to – regardless of their current economic situation. This is particularly important in places like Africa or the Middle East, where security mitigation techniques are either limited, non-existent, just emerging or not readily available.

However, just last week, for literally the first time in 21 months, a Rogue Security Labs protected website was crashed by a member of “Pryzraky” going by the name of “PopTart,” who crashed the website with a very custom-made “Layer 7 DDoS Attack.”

Learn More About PopTart’s Crash, Botnet & Techniques Here: https://roguemedialabs.com/2019/04/03/rogue-security-labs-crashed-by-poptart-of-pryzraky/

 

However, fast forward to last night: after installing some additional security measures, I once again asked PopTart to launch an attack against me to see if any of them would have an effect. Unfortunately though, PopTart once again succeeded in crashing my site. However, he accidentally set his attack time to 25 minutes instead of just a couple of minutes, so I decided to start fooling around with my site's settings and back-end just to see if there was anything I could do. What I ended up discovering was a new DDoS mitigation technique that I have never seen, heard of or read about before.

Interestingly enough, while I was not able to access my wp-admin dashboard during the attack, I was able to access my blog posts, site pages and domain settings – so I started fooling around with them a bit. Before going any further, you should understand that roguesecuritylabs.ltd has 3 different domains attached to it.

For Example:

https://roguesecuritylabs.ltd
https://roguesec.co
https://anonintell.org

This means that you can type in any of the 3 domains above and they will all lead you to the same location/website. So, just to see what would happen, in the middle of PopTart’s attack I decided to change my “Primary Domain Name” away from roguesecuritylabs.ltd to roguesec.co – and what I discovered was fascinating. Instantaneously my website came back online and the attack was successfully mitigated. What was even more interesting though was the fact that I could then type roguesecuritylabs.ltd into the URL address bar and the site still came back online normally, even though the roguesecuritylabs.ltd domain was still technically under attack and had been receiving a “502 Bad Gateway Error” just seconds beforehand. Talking to PopTart in live time as I was doing this, even the hacker was able to confirm that all his traffic had started getting re-directed and the attack was therefore mitigated.

How It Works?

Given that every domain name has a different IP Address, if you change your website's primary domain, you are therefore changing your website's IP Address – even if it is literally just a single digit. This means that any attack pinned at an IP Address, which almost all are, will be successfully mitigated by changing your domain name – because your site will no longer be relying on that IP Address to display its content – understand?

Perhaps most importantly, this is a DDoS mitigation technique that can theoretically be implemented for just $0.99 – the cost of buying/registering a new domain. You can also get clever with it too. For example, take Rogue Media Labs. The site's current domain is roguemedialabs.com – but I could buy/register something like roguemedialabs.co or roguemedia.co – so on and so forth. This ensures that even if I change the site's primary domain because of an attack, my new URL Address seen by the general public will still fit my theme/branding – get it?

Lastly, this is a mitigation technique that can theoretically be pulled off an unlimited number of times – or at least as many times as the number of different domains you’ve registered and attached to your website.
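
The technique above depends on the replacement domain resolving to a different IP address than the domain under attack. The following is an added example, not part of the original post, that checks this for a set of attached domains before one is chosen as the new primary. The domain names, addresses and the `sample_resolver` helper are constructed for illustration; omitting the resolver argument queries live DNS instead.

```python
import socket

def resolve_ips(domain, resolver=None):
    """Return the set of IP addresses a domain currently resolves to."""
    if resolver is not None:
        return set(resolver(domain))
    try:
        infos = socket.getaddrinfo(domain, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def classify_aliases(primary, aliases, resolver=None):
    """Sort alias domains by whether they share an address with the primary.

    'distinct' aliases resolve only to addresses the primary does not use;
    'shared' aliases overlap with it, so traffic aimed at the primary's
    address reaches them too; 'unresolved' aliases returned no address.
    """
    primary_ips = resolve_ips(primary, resolver)
    result = {"distinct": [], "shared": [], "unresolved": []}
    for alias in aliases:
        ips = resolve_ips(alias, resolver)
        if not ips:
            result["unresolved"].append(alias)
        elif ips & primary_ips:
            result["shared"].append(alias)
        else:
            result["distinct"].append(alias)
    return result

# Constructed sample records (documentation address ranges, not real lookups)
SAMPLE_DNS = {
    "primary.example": ["192.0.2.10"],
    "alias-a.example": ["198.51.100.7"],
    "alias-b.example": ["192.0.2.10", "203.0.113.5"],
    "alias-c.example": [],
}

def sample_resolver(domain):
    return SAMPLE_DNS.get(domain, [])

if __name__ == "__main__":
    aliases = ["alias-a.example", "alias-b.example", "alias-c.example"]
    report = classify_aliases("primary.example", aliases, sample_resolver)
    for kind, names in report.items():
        print(f"{kind}: {', '.join(names) or '-'}")
```

Only the aliases reported as `distinct` move the site off the address the attack traffic is aimed at.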