Dealing with a Botnet attack on a Drupal website
I’ve recently been fixing a few problems on a client's website. I wasn't involved in the initial development, but as the site was built in Drupal, an open source content management system, I found it relatively straightforward to get up to speed on the technical aspects of the site. The client had found that recently the website had been very slow. When I investigated, I found that the website was suffering an attack from a botnet.
One of the advantages of using open source software like Drupal or WordPress to build your website is that you are not tied to a single developer. If you want to switch to a different company to maintain and develop your website, then you can. Conversely, if your website is based on proprietary software provided by a single company, then switching developers can be very difficult. But a downside of using these standard technologies is a higher likelihood of problems such as botnet attacks - particularly if the site security is not set up properly.
A botnet is a collection of internet-connected computers. In this instance, the botnet computers had malicious code installed on them. The computers could then be used to send spam emails or attack websites in an attempt to disable them or gain access. No one knows how many computers are infected across the internet, but it’s in the millions. The infected computers may be anywhere in the world, and in this instance I tracked most of the attack to China and the USA.
I took a series of measures to stop the attack, but the main one was to make it much more difficult for a botnet to create a user account. I also used some tools to block the many accounts they had already set up. As the site was built in Drupal, the botnet had been exploiting a common signup facility. However, being open source software, there were plenty of free tools available to deal with the botnet attack and to prevent it from happening again.
Software like Drupal and WordPress have a number of advantages, such as lower costs and ease of switching development companies, but when using them, do ensure that security is set up correctly. It’s not difficult to do, and it's very effective. After all, the official White House website, one of the biggest online targets in the world, runs on Drupal and has never been hacked.