16 July 2018
We are proud to be more than a storage space for our clients. From the very beginning, we wanted to become their partners and provide the hosting solutions moving the ecommerce business of our customers forward. In this article, we want to share some cases when Amazon Cloud Hosting service went further than clients expected and contributed to the business success.
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge in making sure people can publish and access important information.
We’ve learned to detect the harmful traffic quickly and prevent the attack. Our protocols are not perfect, but they already proved to be effective. We are constantly improving the protection service by combining machine automation and human investigation.
One of our clients suffered a massive attack late at night and the performance of the website dropped to the ground. The traffic was coming from another side of the planet – from China. The monitoring system detected a deviant growth of requests amount coming from thousands of different IPs and alerted us. After contacting the client, we found out that it was not an advertising campaign, but a botnet attack. Since the website owner did not have customers from China and was not targeting that area with his business, we decided to deny the access to the website from entire China.
This simple solution immediately ceased the attack and the performance returned to normal without downtime and business interruption. It took only an hour to prevent the DDoS attack.
While denying access works fine to keep the website protected from the attack, it should not be a default action. Sometimes, the overwhelming traffic is not that bad! The hosting company should keep it in mind and be ready to sustain it.
One of our clients arranged a huge advertising campaign with Snapchat which sent out its bot to gather the information from the targeted website. Our monitoring system detected 300 requests a minute and alerted us. We limited that traffic as soon as possible while waiting for the reply from the owner. Fortunately, he answered shortly letting us know about the campaign with Snapchat. We switched off the traffic restriction and kept monitoring the website for stable work. Though the website performance decreased, it did not fall and soon the Snapchat bot stopped sending the requests returning the performance back to normal.
Communication is important for both sides – the client and the host. We ask our clients to let us know about the upcoming promotions on events like Black Friday or Cyber Monday to be able to filter the traffic or scale up the resources for busy days if needed. At the same time, we always make sure that the traffic we are going to block has no value for the client.
Applications are not ideal, as well as the code. The errors may occur when you don’t expect them to, even in the most common and routine situations. They can be caused by the quality of the core code or due to the integration or upgrade. The versions of the collaborating applications might not match and result in the overall system failure. But the most common reason for the errors inside the application code is the human factor. It often happens when the website owners change the development team or perform upgrade by themselves.
Though we encourage our customers to learn more about programming and software configurations, we always warn them that some manipulations have to be left for the professionals as they can affect their ecommerce business stability and security.
Due to our Service policy, we manage only the server, we don’t manage the applications installed by the customer. Nevertheless, it’s our concern to have the customer’s business online and successfully growing with no interruption. That’s why we decided to monitor the application performance regularly and inform the owners about anything we find that can slow down the website or cause critical errors. On the top of that, we are the most loyal CS-Cart fans and we’ve studied it throughout the years perfectly. We know the weak points that need precise monitoring.
One of our clients once made two upgrades one following another. In a few minutes, the monitoring system alerted us that the number of requests grew from 500 to 5000+. We investigated the problem and found the error caused by the incorrect upgrade. The same hour we sent our client an email telling about the error and explaining its cause. The client was quick to take actions and fixed the issue on the same day.
It’s important to study the technologies you use for the business, but sometimes this knowledge has to stay in theory. Entrust complicated manipulations to the developers and inform your host about upcoming upgrades or modifications. Keep improving the code constantly, but in iterations – code, deploy, monitor, repeat.
Another human factor that can influence the online business in a negative way is the former staff. After parting ways with developers the employer does not bother to withdraw their access or at least change the password. Some fired employees often get insulted and try to take revenge.
Our client had a low-cost development team to reduce the expenses of the startup. When the business took off, the store owner could afford to move to our hosting and hire more expensive developers to continue growing even faster. One day a few months after the migration the store did not open. It just disappeared. We immediately received multiple alerts from our monitoring system alongside with an angry letter from the owner blaming us to fail the service terms compliance.
Two minutes later we recovered the log files which told us that someone accessed the store and deleted everything that could be deleted – products, orders, etc. We also found out the country the connection was from. With all the information, we reverted to our customer. Finally, it turned out that our customer left the previous developers with hard feelings and they decided to settle accounts with him. Luckily for them, the owner did not change the root password.
We recovered the entire store with all products and orders from the latest backup. In only two hours after the first alert, the website was back online and fully operational. After this issue, we wrote a manual on How to manage users and created a special tool for our clients to make it easier.
Make sure you change the passwords to the website regularly, even if you are the only person who uses them. Make sure you create strong passwords. And back up the store every day to be able to recover from the intrusion if it takes place. Take it seriously, it’s your business and your future. Make sure you are ready for the worst.
To optimize hosting expenses, sometimes knowing the basic specification is not enough. More often you have to know how server applications and services work together. It can happen that your slow website does not need some extra resources which will cost you another $100 a month. Sometimes you can increase the performance and cut expenses at the same time by fine-tuning the services.
We are not the only company providing the Amazon Cloud Hosting service. Sometimes we have clients coming to us with existing AWS accounts to delegate server management to us and free more time for business and marketing. One of them was surprised to hear from us that he was paying too much for his hosting and we can reduce his monthly cheque.
Not only we configured AWS services, we also found out that he was paying several hundred bucks a month for the service he never used. Yep, Amazon guys know how to scare you and make you buy.
Eventually, the monthly hosting spendings for that client reduced by three times while the performance increased and became more stable.
It’s your choice either to spend the time to study the hosting manuals or to delegate the entire management to the hosting provider. Probably, spending time on marketing and growth will bring you more profit than wasting it configuring the servers yourself.
Taking on new clients we conduct the complex audit of the entire infrastructure to increase the website load speed to the maximum possible. Unlike other hosting services, we look for the opportunities where no one does – in the client’s software. We don’t manage it, but we can point out the weak spots which can be improved. We do it for two reasons – we want our clients to live forever and grow faster, and we know the software and know where those points of growth hide. We can do it, so why not!
One business migrated to our servers from a powerful dedicated server because the heavy investments in the resources of the server did not justify themselves. Migrating to the cloud hosting itself increased the website speed by 10%. But that was not enough to meet the benchmark and we proceeded to tune the configurations. And we managed to increase the load speed 5% more. We knew it could be better and scanned the application code with our monitoring system, which found numerous code errors that were slowing the website down. The client was happy to have the code audit review and a couple of days later when the code was fixed, the load speed finally increased by 10% and met the level we targeted from the beginning. The overall hosting expenses for the client decreased significantly.
The faster the better! Never forget this rule. Chasing the load speed adding resources is effective, but if it does not influence the performance, stop doing it. Dig into the code and search for the optimization there. Or delegate it to a skillful developer and save your time.