Password for this please?Quote:
Originally Posted by Giles121
Printable View
Password for this please?Quote:
Originally Posted by Giles121
Your right. Hardware firewalls are the best available.Quote:
Originally Posted by Monsma
Minor software simply block packetflooders/httpflooders etc
However decent firewalls costs an absolute bomb.
if you buy a server and you place it in a datacenter you buy cisco hardware, the first cost is the most expensive then you only earn moneyQuote:
Originally Posted by Jam32
You just said that these would "help protect against booters." Or something.Quote:
Originally Posted by Jam32
It won't. THAT'S WHAT IM GETTING AT, MATE.
Because I'm definitely going to give that much money for a fricking Webhost.Quote:
Originally Posted by spatti88
IF YOU ARE ON A VPS, AND YOU ARE GETTING ATTACKED, SWITCH YOUR HOST.
Don't let them charge you for a server if they're not even going to try and help you with this attack. If they're giving you bullshit like 'oh we can't do anything about that. Sorry.' They're wrong. They totally CAN do something about that. If they can't, then you really need to switch, it's probably because they're a reseller. BUY FROM THE BIG COMPANIES. I'm serious. When it comes to this, go enterprise. The bigger, the friendlier, and the more expertise. About half of those hosts are built by teenagers. Not even jokin! EpicHosts, EmpireHosts, just a few examples. Epic is a scam anyways, your VPS gets cancelled or its just offline. Back to the topic, the datacenters where the big business ones are hosted have huge uplinks, NO MATTER WHAT. That uplink means traffic can be absorbed without overloading. Also on that note, VPSs are hosted on big servers. It's like Inception, a server within a server. This means that this software can be used to absorb the booter attacks. The real server acts as a modem/router, and since a VPSs IP is different than the actual servers IP, the software can be used to block those attacks, since it hasn't hit your server at that point yet. Just a word of advice. BUY BIG, NOT CHEAP. THE CHEAPER, THE WORSE.
Password: "buyitifyouwantitthatbad"Quote:
Originally Posted by neto737
Also, these programs don't actually help much. Personally, I'd suggest to just stick with CloudFlare.
I have only used Kiwiguard, and Cloudflare in my entire life, and I uninstalled KiwiGuard because it did always block my IP :IQuote:
Originally Posted by Sean
Like Sean said, stay with Cloudflare, it's the best you can get for your website.
woahhh, whoever took a shit in your curry musta had some bad bug.Quote:
Originally Posted by FullmetalPride
Calm the fuck down
I've never used it, but I've seen people say(going by their word) that this helps block shells.
As far as I know, it can be used on apache servers to block certain php bits in common shells such as c99.php Weather it works or Not I don't know. I have no reason to test it, but I have no reason to keep quiet and not share it.
mod_security is not for ddos, its an application based security tool to stop exploits if you want something for apache that blocks then you'll want ddos_deflate.
Don't bother looking for D-Guard I baught it for 950$ and it doesn't work as well as I thought it did, you'd need 2GBPS uplink to your server, for it to actually help, and that's a little :glare:
Would have probably been cheaper to rent a hardware Cisco firewall system from your provider!Quote:
Originally Posted by iBling14
Ouch, what a waste of money.Quote:
Originally Posted by iBling14
Your posts make me giggle with how misinformed and stupid you are.Quote:
Originally Posted by FullmetalPride
As for the thread;
*drum roll* ...
There's no such thing as DDoS protection software. If you want DDoS protection you must have hardware more capable than the attack; This is where DDoS protected server hosting companies come in. DDoS protected hosts' have the bandwidth, connection and hardware capable of taking on attacks and dealing with them. You can not stop UPD data being sent to a server, even if you have a hardware firewall, that will still be hit offline before it hits your server. However that is retrospective to the size of the attack; For example. If a server with a 1Gbit uplink is sent a 100mbit attack, then the server will go offline - It's being flooded with packets. A hardware firewall can counteract this attack as it has more resources and bandwidth VS the attack being given. However if a 2 Gbit attack was being sent, then when the packets hit the hardware firewall it will be 'knocked offline'.
The real solution to an attack is to grow the fuck up. I really can't believe people are so pathetic and shallow enough to attack other hotels. It's a sad state of afairs when hotels must resort to attacking each other because the hotels they own suck ass and no body wants to join them. Or because they enjoy the power trip and making servers go offline. Again, as always. This is another reminder that this community has gone to shit.
What do you think is on these hardware firewall systems? They don't just magically mitigate attacks, they mitigate attacks with the software that is loaded onto the hardware.Quote:
Originally Posted by Matthew
It isn't software you can just stick on your server but it is still software.
Software on the server operating system level. Not network hardware.Quote:
Originally Posted by Hejula
mfw people think software protects against DDOS
I don't know, but I've always used a limited connections script when I had a hotel hosted, in my server and CMS. It'll limit the connections from an single IP address and close the excessive connections.Quote:
Originally Posted by AWA
I know now lol, Gladly there is a 24 hour refund policy on that :w00t:Quote:
Originally Posted by Hejula
cisco routers or switches should do the trick...decent enough hardware firewall which has packet filtering.
To be honest this isn't making sense a bit.
If you just install IIS web server then you are quicker off.
You are now wasting space on downloading many Anti-ddos programs when the anti-ddos is implemented in to IIS.
So rather prefer IIS to be honest it doesn't take any space and it's the best and it's better that last off.
Wooow nice.
I'm sure what others are trying to infer is that these are all unnecessary to aid the mitigation of just Denial of Service attacks - your webserver can be capable of doing so, itself. For DDoS, however, prevention at the application level won't even touch the network side of things. Your options are as follows;
Keep your IP address secret and choose Cloudflare. The free version is good, and the prices aren't bad either.
OR
Choose a well-established host, capable of mitigating attacks and boasting enterprise hardware w/ firewalls. It may cost a little more, but for the money many of you make on these 'retros', you'd be damned if you can't afford a little extra.
Nice, but as a webmaster if you simply setup cloudflare correctly and modify the PHP configuration you're able to easily hide the IP (I setup cloudflare for a forum then it got hit constantly with 130Mbit Ddos' nullrouting the IP so I let someone edit the configuration and it worked perfectly). Although these programs are good; in the sense you're only being hit on port 80 then sure go ahead but if they're sending SSYN attacks then you're not going to get much out of them hence a hardware firewall is ultimately the only way you're going to completely if not partially stop all attacks seen as it route's through the network. IIS+ Cloudflare + Hardware firewall = Ultimate protection against most attacks.
This is true, but it spends a lot off money to buy it, you can almost buy a proxy that is connected with your dedicated server, you can use these for your hotel whatever, and if people ddossing it has no effect. Some hotels use this.Quote:
Originally Posted by pixelpro321