Does AWS Load balancer prevent DDos effectively?

amazon-web-services ddos load-balancing

Solution 1:

As @Tim said, AWS offers AWS Shield, so it’s advanced option provides some basic protection. They also have a basic WAF. I would suggest deploying that as a minimum - but it might not be enough, depending on site traffic and where any attacks are actually originating from.

If it’s a small enough site, that’s probably enough but I would recommend doing some research to see if your problem is failover / some other attack or a DDoS attack.

If it’s more complex, you’re going to want a WAF and DDoS protection on top of your AWS server such as Incapsula (apologies: this is a link to a product page) - this will protect against Layer 3 and Layer 7 attacks. This might not be needed on your website but it is something for your servers and for the higher level infrastructure. Most importantly, it’s not just DDoS protection (but the DDoS protection is always-on, unlike something like Cloudflare, where you have to turn it on if you get attacked) but also protection against other web threats.

I don’t want to advertise for any service, but if you’re not sure what’s causing an attack, one of the bigger benefits of a paid service is going to be the NOC so they can monitor the activity that you’re not so sure about.

Related

AWS S3 Static Hosting with Custom Domain - routing bare domain
mod_pagespeed : install earlier version compatible with libc6 2.13 (Debian Wheezy)
Redirect https://example.com to https://www.example.com
Problem Activating "Windows Communication Foundation Non-HTTP Activation" feature in Windows 7
Can't raise nginx max files opened limit
Advantages / disadvantages of having DynDNS access on a computer vs the router
Apache + PHP-FPM + chroot results "File not found." error
Only receiving one document at a time from new web server
mysql data loss after server crash
Scrub header for internal servers in Postfix?
Postfix - Mail system is down
Openvpn - enabled redirect gateway but can't access any websites