What happens if a DDOS attack hits Windows Azure Web Sites?

Dejan Pelzel picture Dejan Pelzel · Dec 7, 2012 · Viewed 19k times · Source

I am just thinking of moving a website from a VPS to Windows Azure Web Sites. After doing a load test, I accidentally took down my test website, using around 30MB over the daily bandwidth.

This made me wonder what would happen if my website was suddenly hit by a DDOS attack? I'm pretty sure everything would max out the daily and hourly limits in no time, even worse, redirecting all the users to the azure over limit notification.

Is there anything that can be done about that? I know the daily bandwidth limit will be harder to reach after I put all the images on a CDN, but I'm afraid what would happen if there's a spike or something.

Sorry for such an answer with no head and tail. I hope you guys will understand.

Answer

Robert Greiner picture Robert Greiner · Dec 7, 2012

Windows Azure has built-in load balancers that will stave off most (if not all) DOS type attacks. The truth is, Microsoft is very hush-hush on the specifics of how their load balancers protect against malicious attacks (as they should be).

An added benefit to hosting your applications in the cloud is that you can take advantage of auto-scaling when you get heavy loads (malicious or otherwise) so your site won't go down.

You might want to check out the Security Best Practices For Developing Windows Azure Applications document for more information on this.