Your online shop is busy taking orders. Then pages start to drag, checkouts hang, and baskets stall. Minutes later, customers see nothing but errors.

A Distributed Denial of Service (DDoS) attack is one of the fastest ways to knock a website or server offline. By overwhelming your systems with fake traffic, attackers make it impossible for real customers to connect. And they're becoming more common. The latest DDoS Threat Intelligence Report from NETSCOUT reveals more than 8 million attacks globally in the first half of 2025.

But you can stop a DDoS attack in progress and prevent future ones with the right approach. This guide explains the warning signs, step-by-step responses, and long-term protections that keep your business online.

Spot the signs of a DDoS attack

Recognising the problem quickly is the first step. Many attacks start small and build over time, so early detection could save you hours of downtime. Common signs include:

  • Your website suddenly slows or crashes without warning.
  • Unusual spikes in traffic from a single region or suspicious IP ranges.
  • Repeated requests for the same page, image, or file.
  • Customer complaints about errors like “504 Gateway Timeout” or “site unavailable.”

Not every traffic spike is an attack. A sale or a viral post can be genuine. A DDoS usually looks unnatural – thousands of identical requests per second, traffic from unusual sources, or many hits to the same resource.

How to stop a DDoS attack in progress

If you ever find your website under attack, these steps show you how to stop a DDoS attack quickly and limit the damage.

Step 1 – Contact your hosting provider

Most web hosts, including Fasthosts, have DDoS mitigation systems in place. They can reroute traffic through filters or scrubbing centres that separate fake requests from genuine ones. Contacting support should be your first action. They may already see the attack in their monitoring tools and be taking action.

Step 2 – Block or rate-limit suspicious IPs

Firewalls and server rules let you block or slow requests from malicious addresses. While attackers often use botnets with thousands of IPs, blocking the most aggressive ranges can buy you time. Rate limiting (capping how many requests a user can make per second) is particularly effective against floods of repeated traffic.

Step 3 – Use a Content Delivery Network (CDN)

A CDN spreads traffic across a global network of servers, absorbing excess load before it reaches your origin server. Many CDNs, such as Cloudflare or Akamai, provide automatic DDoS protection. For businesses using Fasthosts, pairing hosting with a CDN adds another shield.

Step 4 – Switch to a backup or failover system

If your infrastructure includes a secondary server or failover system, use it. High-availability setups redirect visitors to another server if one becomes overloaded. While this won’t stop the attack itself, it helps you stay online while mitigation takes place.

These steps won’t always stop a determined attacker immediately, but they minimise downtime and keep at least part of your service available.

How to prevent DDoS attacks before they start

Prevention costs less than recovery. The best way to stop a DDoS attack is to make sure it never overwhelms you in the first place. By putting protections in place now, you reduce the chance of being caught off guard.

Invest in hosting with built-in DDoS protection

Choose a provider that includes DDoS protection by default. Our Web Hosting and VPS plans come with mitigation tools that monitor traffic and filter out malicious requests before they cause disruption.

Use external DDoS protection services

Specialist providers such as Cloudflare, Akamai and Imperva add another defensive layer. They route traffic through global networks that filter or absorb malicious requests before they ever reach your server. Pair them with DDoS-protected hosting for stronger, multi-layered defence.

Configure firewalls and web application firewalls (WAFs)

Traditional firewalls block unwanted traffic at the network level. WAFs go further by filtering application-level requests, protecting against common exploits like HTTP floods. Combined, they form a strong first line of defence.

Use rate limiting and traffic thresholds

Set rules that restrict how many requests a single user can make per second. This prevents attackers from overwhelming forms, login pages, or APIs. Many servers and security plugins make this easy to configure.

Keep systems updated

Out-of-date software is an easy target. Attackers often exploit known bugs to make their attacks more effective. Regularly update your operating system, CMS, plugins, and any third-party tools to close security gaps.

Build an incident response plan

Even the best defences can be tested. Document who to contact, what systems to check, and which protections to activate if you suspect a DDoS attack. A clear plan reduces panic and shortens downtime when minutes matter.

FAQs about stopping DDoS attacks

What is DDoS attack mitigation?

DDoS attack mitigation is the process of recognising and filtering malicious traffic while ensuring genuine users can still connect. It uses tools such as firewalls, content delivery networks (CDNs), and hosting-level protection. The goal is to reduce disruption, absorb the attack load, and maintain uptime throughout the incident.

Can I stop a DDoS attack myself?

You can take some immediate steps to stop a DDoS attack yourself, like blocking suspicious IPs, enabling rate limiting, or temporarily moving traffic through a CDN, but large-scale DDoS attacks usually exceed what individuals can handle. In most cases, you’ll need support from your hosting provider or a dedicated DDoS mitigation service to keep your site online.

How long do DDoS attacks last?

The duration of a DDoS attack varies. Some last only a few minutes, while others continue for hours. Attackers often stop once their resources are exhausted or if defences prove effective. Having DDoS protection ensures your website stays online no matter how long the disruption continues.

Is DDoS protection worth it?

Yes, because downtime can quickly become costly. You risk lost sales, reputational damage, and customer frustration when your website is unavailable. Hosting plans with built-in DDoS protection or specialised mitigation services cost less than recovering from repeated outages.

Can DDoS attacks cause permanent damage?

A DDoS attack usually doesn’t damage your hardware or delete data. The main impact is downtime and service disruption. Repeated or prolonged attacks can affect customer trust and increase operational costs. Protecting your infrastructure reduces both short-term losses and the longer-term risks of reputational harm and lost revenue.

What’s the difference between DoS and DDoS?

A DoS (Denial of Service) attack comes from a single source, such as one compromised server. A DDoS (Distributed Denial of Service) attack comes from multiple sources at once, often thousands of devices controlled by a botnet. This makes DDoS attacks far harder to block and contain effectively.

Nobody wants to lose orders or customers to a flood of fake traffic. With Fasthosts Hosting, VPS, and security tools, you won’t have to. Our built-in DDoS protection and 24/7 support keep your site open for business. So, you can focus on the real visitors, not the bots. And because every business is different, you’ll find a hosting plan that fits your needs, from starting out to scaling fast. Staying online shouldn’t feel like a constant battle. With Fasthosts, it’s one less thing to worry about.