In November 2023, a small UK e-commerce site lost £15,000 in sales over a single weekend. The cause? A DDoS attack that their cheap hosting provider couldn’t handle. DDoS stands for Distributed Denial of Service — thousands of compromised computers flood your website with fake traffic until legitimate visitors can’t get through.

Small businesses

Targeted more than you’d think: they’re easier targets with less protection, attackers may demand payment to stop, unscrupulous competitors may target rivals, and on shared hosting an attack on any site affects all sites. 43% of DDoS attacks target small and medium businesses, with the average attack costing £8,000 in lost revenue and recovery.

On cheap shared hosting with limited protection: your site receives abnormal traffic spikes, server resources become exhausted, your site becomes slow then unresponsive, your hosting provider may take your site offline to protect others, and recovery can take hours or days.

Our platform includes built-in DDoS protection at multiple levels: network-level filtering blocks malicious traffic before reaching your server, AI-powered traffic analysis distinguishes attacks from legitimate visitors, automatic scaling absorbs traffic spikes, and geographic filtering challenges suspicious traffic patterns.

For any UK business that relies on their website for leads or sales, DDoS protection isn’t a luxury — it’s a necessity. When evaluating hosting, ensure traffic filtering and DDoS mitigation are included by default. Combined with web application firewall and brute force protection, you get comprehensive defence. Compare hosting approaches to see where protection is typically missing, and review our uptime guarantee.

Frequently Asked Questions

What is a DDoS attack on a WordPress site?

A Distributed Denial of Service (DDoS) attack floods your website with fake traffic from thousands of compromised computers simultaneously, overwhelming your server’s capacity to respond to legitimate visitors. Your site slows to a crawl, then becomes completely unresponsive. DDoS attacks range from volumetric attacks (flooding bandwidth) to application-layer attacks (targeting specific WordPress endpoints like wp-login.php or the REST API with requests designed to exhaust PHP workers and database connections). 43% of DDoS attacks target small and medium businesses.

How much does a DDoS attack cost a UK business?

The average DDoS attack costs UK SMEs approximately £8,000 in combined lost revenue and recovery costs. For ecommerce sites, every hour of downtime during peak trading periods multiplies this figure — a WooCommerce store processing £5,000 per day loses over £200 per hour of downtime. Indirect costs include customer trust damage, negative reviews, and SEO impact if search engines crawl the site during downtime. Recovery time without proper DDoS mitigation can extend to hours or days if the hosting provider takes the site offline to protect shared server resources.

Can shared hosting handle DDoS attacks?

Shared hosting typically cannot withstand DDoS attacks effectively. Budget hosts have limited bandwidth and shared resources — when one site on the server is attacked, all other sites on the same server are affected. Many shared hosting providers respond to DDoS attacks by taking the targeted site offline rather than filtering the traffic, which protects their infrastructure at the cost of your availability. Effective DDoS mitigation requires network-level traffic filtering at the CDN or data centre edge, before malicious traffic reaches the hosting server.

How does managed hosting protect against DDoS attacks?

Managed hosting with integrated DDoS protection filters malicious traffic at multiple network layers before it reaches your server. Network-level filtering blocks volumetric attacks based on traffic patterns and IP reputation. Application-layer protection identifies and blocks WordPress-specific attack vectors such as coordinated wp-login.php flooding. Geographic filtering challenges traffic from regions with high attack ratios. AI-powered traffic analysis distinguishes genuine traffic spikes (product launches, press mentions) from hostile flooding. This protection operates transparently — legitimate visitors are unaffected while attack traffic is dropped at the network edge.

How is a DDoS attack different from a legitimate traffic spike?

Legitimate traffic spikes have identifiable referrers (social media posts, email campaigns, press coverage), natural browsing patterns (visitors explore multiple pages, spend reasonable time on site), and realistic geographic distributions matching your audience. DDoS traffic is characterised by high request rates from unusual or broadly distributed IP ranges, repeated requests to the same URL, abnormal user agent strings, and request patterns designed to exhaust server resources rather than consume content. Distinguishing the two requires traffic analysis capability — a feature of enterprise DDoS mitigation that budget hosting does not provide.