Human Rights Watch ensures DDoS protection with CDNetworks

Logo Human Rights Watch

At a glance

Company: Human Rights Watch

Founded: 1978

Headquarters: New York, USA

Industry: Non-profit NGO


CDN Services: DDoS Protection, Content Acceleration, SSL

Key results

  • Gained automated DDoS protection for global website
  • Leveraged CDNetworks‘ absorption PoPs to seamlessly block false requests
  • Ensured privacy and protection of website users via SSL

Founded as a private American NGO in 1978 to monitor the Soviet Union’s compliance with the Helsinki Accords, Human Rights Watch (HRW) has grown to become a worldwide leader in the battle for, and protection of, human rights. From offices on 5 continents, HRW’s 400 employees are dedicated to protecting the human rights of people around the world. They stand with victims and activists to prevent discrimination, uphold political freedom, protect people from inhumane conduct in wartime, and bring offenders to justice.

The HRW website is critical to organisational success, because it allows the organisation to make information available around the world about abuses that are taking place. At the same time, the website comes under attack occasionally from individuals, governments and organisations that have a stake in blocking HRW’s efforts.

These nefarious actors leverage many attack types, but their favored type is the denial of service attack, or DoS. “Every couple of months we can count on getting hit by a large-scale attack,” said Mihai Cuibus, Senior Digital Engineer at Human Rights Watch. “Once in a while, attackers will throw in an injection attack as well.”

The challenge

For years, HRW had the ability to manually mitigate DoS or DDoS attacks, but the organisation still suffered each time an attack took place. This was primarily due to the time required to identify threats, notify key IT team members and take defensive measures. Once alerted to an attack, HRW’s two-person technical web team would need to drop what they were doing and respond to it. While they did, HRW’s 70 content creators and publishers would be unable to perform their critical web-related tasks. This prevented the organisation from getting the word out on current events as fast as they wanted.

In addition, online donations could not be processed by the HRW website while an attack was taking place, as it consumed all server resources. In this way, automated alerts were not suitable for preventing damage. “We received automated attack alerts from our New Relic technology,” said Cuibus. “But knowing an attack is underway and stopping it are two different things. We needed to gain a more proactive defense posture.” 

The solution

When Human Rights Watch migrated hosting services to Pantheon in 2014, the web team decided to simultaneously implement a solution for proactive DDoS detection and mitigation. They did not have to look far for the ideal solution. They had already been accelerating their website content and applications for several years using CDNetworks.  

As HRW completed its hosting implementation, they pointed all traffic to CDNetworks global acceleration servers which include special DDoS ‘absorption’ PoPs. These absorption PoPs, which can handle millions of simultaneous requests, are incorporated into the CDNetworks cloud-based server network.

Through its Pantheon-to-CDNetworks deployment, the web team looked to ensure their website infrastructure would meet the following requirements:

  • DDoS mitigation with no downtime
  • Simultaneous website serving and attack absorption
  • 24/7  monitoring by CDNetworks’ security experts
  • Real-time  and  historical  event reporting
  • SSL for protection of website users
  • Acceleration of the Drupal content for optimal website speed for desktop and mobile users
  • Proven high performance across all countries where HRW operates

The web team implemented the new hosting infrastructure quickly. “CDNetworks’ expertise around accelerating Drupal websites really helped,” said Cuibus.

The results

The Human Rights Watch website is fast and high performing on CDNetworks 200 global points of presence. Now, with DDoS protection and 24/7 security monitoring, the website will always be accessible. Each time an attack occurs, the CDNetworks absorption PoPs automatically mitigate the malicious website traffic, while the rest of the CDNetworks PoPs accelerate the legitimate traffic. “For the past several years, we have been extremely happy with CDNetworks stellar support and performance,” said Cuibus. “The CDNetworks DDoS absorption PoPs will keep our website up and performing fast, even as we come under attack. Instead of people sitting around and waiting for a fix, our 70+ content creators can continue publishing critical content without missing a beat.”

Additionally, CDNetworks is speeding Drupal content and providing SSL encryption for Human Rights Watch website. This ensures the privacy of all website users and helps maximise the ability to keep donation transactions flowing securely.


Download the pdf

Contact us now!
+44 203 657 2727

Under attack?

Get help now

Please enter a valid url
Thank you
Many thanks for your message. 
We will be in touch shortly.