DDoS protection keeps Betstar.com.au running

Online betting website Betstar.com.au was recently taken down, when a DDoS (distributed denial of service) attack aimed at a competitor in the same co-location data centre took Betstar’s site with it. Betstar decide it was time to implement DDoS protection.

Betstar.com.au offers internet betting on Australian and international sports and racing. Site performance and availability are particularly critical during the weeks of the Spring Carnival leading up to the Melbourne Cup.

“The weeks leading up to the Melbourne Cup are extremely busy,” says Bryan Dunne, IT manager at Betstar. “This time period makes the year for every online bookmaker in Australia. If you experience website outages during Spring Carnival, then you can wipe out a nice chunk of your profits for the year.”

Recently, during the first weekend of the Spring Carnival racing season, attackers launched a high volume DDoS attack against the IT infrastructure of one of Betstar’s competitors. The two companies share infrastructure at a co-location data centre, so when the 10 Gbps DDoS attack on the competitor’s website brought down the entire data centre, both sites experienced outages.

Betstar was down for 30 minutes before switching over to a redundant system, while the competitor’s site was down for an entire day.
Following the attack, Dunne began to look for a DDoS mitigation service. Betstar’s infrastructure provider recommended Prolexic for DDoS protection.

Betstar contracted Prolexic to supply its PLXproxy (non-emergency) DDoS mitigation service. Betstar also uses Prolexic’s protected DNS service for all of its domains.

“The cost of a site outage due to DDoS far outweighed the cost of protection, and Prolexic gave us a very fair price,” Dunne said.

Almost immediately after the Prolexic solution was deployed, Betstar experienced a DDoS attack indirectly. The company shared a name server and data centre with a competitor and when that firm was targeted by a DDoS attack, the Betstar website experienced a brief period of downtime due to collateral damage.

The DDoS attack came through one server that was not protected due to the fact that its DNS name change had not yet replicated completely around Australia. Betstar needed to keep that server available so that people could still access the site, but despite that vulnerability to attack and a brief outage, Betstar was able to switch to a redundant server and continue serving customers.

Dunne said that the Prolexic solution causes no latency issues, despite routing Betstar’s site traffic from its Australia-based network through Prolexic scrubbing centres in the United States.

“Latency is a key concern for our website, and we were concerned that routing traffic to the US would add seconds to page-load times, which could have a massive impact on our business,” Dunne says. “Prolexic assured us that latency would be less than a half second, and it has been, even at very busy times.”

With DDoS protection, Betstar has a lower risk of losing revenue or potential customers at the company’s most profitable time of the year.