What happens if a DDOS attack hits Windows Azure Web Sites? [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 8 years ago.

Improve this question

I am just thinking of moving a website from a VPS to Windows Azure Web Sites. After doing a load test, I accidentally took down my test website, using around 30MB over the daily bandwidth.

This made me wonder what would happen if my website was suddenly hit by a DDOS attack? I'm pretty sure everything would max out the daily and hourly limits in no time, even worse, redirecting all the users to the azure over limit notification.

Is there anything that can be done about that? I know the daily bandwidth limit will be harder to reach after I put all the images on a CDN, but I'm afraid what would happen if there's a spike or something.

Sorry for such an answer with no head and tail. I hope you guys will understand.

Answer 1

Windows Azure has built-in load balancers that will stave off most (if not all) DOS type attacks. The truth is, Microsoft is very hush-hush on the specifics of how their load balancers protect against malicious attacks (as they should be).

An added benefit to hosting your applications in the cloud is that you can take advantage of auto-scaling when you get heavy loads (malicious or otherwise) so your site won't go down.

You might want to check out the Security Best Practices For Developing Windows Azure Applications document for more information on this.