A DDoS, or distributed denial of service, is an attack that overwhelms a website or online service with a flood of fake requests until it cannot serve real users. The traffic comes from many machines at once, often thousands of hijacked computers and devices, which is what the word distributed refers to.

Imagine a small shop with one door. Normally customers walk in, buy something and leave. Now picture a crowd of people who have no intention of buying, packing into the doorway just to block it. Real customers cannot get in, and the shop grinds to a halt. A DDoS does exactly this to a server. The defence is to spot and turn away the fake crowd before it reaches the door, which is where rate limiting and traffic filtering come in.

Because the attack is spread across so many sources, you cannot simply block one address. Serious protection usually means putting a service like Cloudflare in front of the site to absorb and scrub the traffic. Tools like a CAPTCHA can also help separate humans from bots when an attack targets a login or form. The scale can be huge. Some recorded attacks have pushed terabits of traffic per second, far more than any single server could ever handle on its own. The motive varies too: sometimes it is a competitor, sometimes a bored group, sometimes extortion with a ransom note attached. What stays the same is the effect. Your site goes dark at the worst possible moment, often during a launch or a sale.

At TopDevs we put rate limiting and a DDoS-aware edge in front of the services we host, so a flood of junk traffic gets filtered out before it ever reaches your application or your real customers.