Since Cloudflare became useless for people who want free DDoS protection, what is a new/better (existing) protection against DDoS attacks besides a proxy?
Cloudflare isn't useless. It does its job which it was always meant to do. Most of you won't even get attacks big enough to worry.
JavaPipe.com is good for emulator protection though.
I found a new way to protect your hotel against DDoS attacks.
I think installing CSF is a good option to protect yourself. It's a new and better firewall.
Once again, software/hardware firewalls are useless if the attack saturates your connection. Which could be easily done with a $20 VPS with a 1 Gbit uplink. Soft/Hardware firewalls are good for application-specific attacks. For example, if someone was flooding your webserver with GET requests, a software firewall would be good enough at dealing with this. However, with a DDoS attack on the network layer it's much different. Picture a river trying to cram itself down a drainage pipe, that's what a DDoS is. You're fucked before it even reaches your server.
Ok, give me a better option to protect your retro against a DDoS attack besides a proxy. If you don't take some action to protect your VPS, you only have to wink and your VPS is DDoSed or booted. That's what this retro community became.
(P.S. I know software/hardware can't protect you against DDoS but it can do at least something :/)
You can go with HyperFilter, but for you it would probably cost 'too much'. In case money is not an issue, then they are certainly the solution. They aren't the most expensive on the market, but they also won't sell you something for U$$ 13.99 lol.
I was using Debian and iptables - I made a script that blacklisted any IP with 40+ simultaneous connections, worked quite fine, no downtime.
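The per-IP connection blacklist described in the post above, as an added example that is not the poster's script: it counts established TCP connections per IPv4 peer in `ss -tn`-style output and prints a DROP rule for each address at or above the post's threshold of 40. The function names and the sample input are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: find IPv4 peers holding THRESHOLD or more established TCP
# connections in `ss -tn`-style output and print (not run) a DROP rule for each.

THRESHOLD=40   # the post's cutoff: 40+ simultaneous connections

# over_limit [threshold] : reads ss output on stdin, prints offending IPs sorted.
over_limit() {
    awk -v limit="${1:-$THRESHOLD}" '
        $1 == "ESTAB" {
            peer = $5                   # "Peer Address:Port" column
            sub(/:[0-9]+$/, "", peer)   # drop the port
            # IPv4 only; bracketed IPv6 peers are not counted here
            if (peer ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) count[peer]++
        }
        END { for (ip in count) if (count[ip] >= limit) print ip }
    ' | sort
}

# block_rules : reads IPs on stdin, prints one iptables command per address.
block_rules() {
    while read -r ip; do
        printf 'iptables -I INPUT -s %s -j DROP\n' "$ip"
    done
}

# sample_ss : constructed input (documentation addresses, not real traffic).
sample_ss() {
    echo "State Recv-Q Send-Q Local Address:Port Peer Address:Port"
    awk 'BEGIN {
        for (i = 1; i <= 45; i++) printf "ESTAB 0 0 192.0.2.10:80 203.0.113.7:%d\n", 40000 + i
        for (i = 1; i <= 3; i++)  printf "ESTAB 0 0 192.0.2.10:80 198.51.100.20:%d\n", 50000 + i
        print "TIME-WAIT 0 0 192.0.2.10:80 198.51.100.20:50010"
    }'
}

# Demo on the constructed sample; on a live host feed `ss -tn` instead.
sample_ss | over_limit | block_rules
```

The rules are printed rather than applied so they can be reviewed first. The iptables `connlimit` match can enforce a similar per-source cap in the kernel without a polling script.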
Use Kiwiguard to block IPs and stop DDoS attacks. :)
Stopping a DDOS/DOS attack with your own server (VPS or dedicated) is fine under the following conditions.
1. The total throughput of the attack is less than the bandwidth available to you (could be the port speed, or less if it's shared).
2. Your CPU and network hardware can handle the PPS. Usually software (kernel) approaches are limited to a few k PPS; specialized hardware can provide protection in the millions of PPS.
3. You have adequate experience in writing iptables rules.
4. Your provider doesn't nullroute your IP address to reduce cost (they will normally do this to protect their own network).
Hardware will always trump software, but it's more pricey.