Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Does DDOS Protected Servers have any affect on SEO?

[WebSavvyGuy]

I am not sure if this belongs in this forum but ill ask anyways.

Does anyone know what affect of utilizing a DDOS protected service (Blacklotus, Staminus, etc) has on SEO?

Obviously, one of my biggest fears would be search engine bots being filtered out accidentally. Also, there maybe slight latency increases associated with DDOS protection. Fast site speed is now a factor in SEO.

I guess the hosts can whitelist the search engine bot IPs but i'm not sure if all hosts actually do that.

Was wondering if any of you have any experience with regards to this, whether good or bad.

Basically i need to make a decision on whether or not to bring one of our websites over to our DDOS protected servers, without having a negative impact on SEO.

Thanks in advance.

[TheTop]

My general thought here would be a 'no'. DDOS protection in theory has nothing to do with SEO. Having said that the only issue I can see is with bots being blocked (as you mnetioned above). If google or any other search engine crawls too quickly that might kick off one of your DDOS rules and block it.

The BAIDO (chineese spider) bot very rarely respects the server when spidering if your DDOS rules let that bot get through you should be fine on all others, on the flip sode if your DDOS protection lets BAIDO through it might need tweaking

As for the speed decrease, yes if your site takes 30 seconds to load, its a problem, if its a few milliseconds you are fine. Once again if your DDOS protections adds 10 seconds to the load time, you should revisit the implementation.

[IRCCo Jeff]

The effect is zero. Blacklotus.net is PR6, the highest of any DDoS protection company, and it is constantly used for target practice. It is important to understand that any load time overhead is not observed by Googlebots, etc. We do completely whitelist confirmed friendly networks.

[toro]

An effective ddos mitigation system needs to be able to determine 'friendly' from 'foe' without the use of static whitelists. This is because static whitelists can be potentially spoofed to generate an attack. That said, most mitigation providers will have a reasonable method to prevent SEO impact.

[MattF]

Quote:

It is important to understand that any load time overhead is not observed by Googlebots, etc.

From my understanding Google bots do care about page load time, it always considered the time to first byte and time to complete the page load, now it is believed to consider the time to when the page is ready (due to using a headless Chrome browser as part of the new browsing bot rollout), this including any async javascript loads. I worked on large scale project where vast energy is spent optimizing page load time, not only for the visitors benefit but also from an on-site SEO perspective. Basically we developed a guideline where any page request is not too touch disk (with the exception of POST submissions), this lead to generally a GET request will hit an in-memory redis cache and thus <50ms time to first byte (excluding any network latency), and of course scaling was much easier due to this approach. tl;dr In a nutshell Google cares about page load speed.

[beow]

Quote:

Originally Posted by toro

An effective ddos mitigation system needs to be able to determine 'friendly' from 'foe' without the use of static whitelists. This is because static whitelists can be potentially spoofed to generate an attack. That said, most mitigation providers will have a reasonable method to prevent SEO impact.

I think that the clue is to whitelist them on Application Layer, where they cannot be spoofed.

[reto]

Quote:

Originally Posted by beow

I think that the clue is to whitelist them on Application Layer, where they cannot be spoofed.

This should be standard practice when dealing with SE bots. If you have any doubts about DDoS protection cutting you out of SE's you can always verify your site's accessibility, while under the protection of course. With Google, you can see Googlebot’s ability to crawl your content through the Google Webmaster Tools Panel. If you have further doubts, talk to your provider and ask about their policy on updating SE's networks in their whitelists.

A good DDoS Protection service must "roll with the punches", i.e. relax your Application Level protection when not under attack (all traffic goes through) and intelligently adjust protection filters when you get hit.

[znetindia]

Hi,

You should try this script :-

http://www.inetbase.com/scripts/ddos/

Download the files and install :-

./install.sh

Note, this will help you with DoS, this could may work with DdoS

[server4sale]

SEO works ok with 90% of the providers out there in market. We have INC 500 clients have very heavy competition and no issue with google and other bots.

[IRCCo Jeff]

Quote:

Originally Posted by toro

An effective ddos mitigation system needs to be able to determine 'friendly' from 'foe' without the use of static whitelists. This is because static whitelists can be potentially spoofed to generate an attack. That said, most mitigation providers will have a reasonable method to prevent SEO impact.

It's not been an issue in the years we've been doing this. As always, there are non-public elements to every strategy.