Jump to content
  • 0

Server Protection Anti Ddos Help


Question

Posted

admin sorry if this topic dost go here

 

 

i am on the search of best or recommended anti ddos system

 

i wanna to go with smartguard but read in a lot of places that can be bypassed / hacked and thats why i wont go for they services

 

can you guys pout me int he right direction

 

 

do i need web ddos protection as well as the website is in another vps with sql thats what dev recomended with os cetos

 

please help me out here dont know where to head and i dont wanna have a fail server from the start either i want to set up do it right and live it up for many years

 

Recommended Posts

  • 0
Posted

Sorry, no. I won't, there is no need for that, it's already over, and some illusional reputation took a hit

  • 0
Posted

You cant rely on any's protection.  Ovh says that with a vps/dedicated you get anti-ddos pro. If you buy a game dedicated u get extra l3-l4-l7 layer protection which is what u need cause lineage follows tcp/udp (udp is the problem).

Even though thats sounds good for the money they require, if you sent a ticket to them they will reply to you that anti-ddos pro also protects you from udp/tcp and other attacks as well. Dont mind the people crying in ovh's forum that their server's are getting down. Also ovh's "protection" needs 2 minutes to kick in so you will have at least 2 minutes down time. You cant rely on anyone if u cant make some configurations on your own based on your server's criteria.

Fail2ban will help you manage your iptables (big power in linux) and mitigate the attack. No one can escape 100% from a ddos attack (quoted by Contabo) there will always be a downtime even if you choose hyperfilter or stormwall (i was a client on both). In order to save money (unless don't mind spending as much as it requires) i would advice you to choose ovh and install fail2ban by making the right configurations and wish goodluck to your self and your project.

 

Best Regards.

  • 0
Posted

None of the L2 related Daemons need UDP.

 

Also, 2 min protection to kick in sounds like a "reactive" solution. It's like waiting for cancer to reach stage 4 (complete confirmation that it's cancer) before treating it. That's why I always suggest to avoid anything that looks like a company run from a student's dormitory basement.

 

@ElitePlayer: hahahahaha. NFC.

  • 0
Posted (edited)

OVH false positive rate is ridiculous when you hit it with a syn flood (many people complain to not be able to connect), also most small custom coded attack scripts will work there, and no, they do not have a proper layer 7 protection and you can overload many tcp applications relatively easy with large zombie/pc botnets. :)

 

But... if all of this is not critical for you, yeah, use fail 2 ban, iptables, bla bla bla and as much as many workarounds you want. Afterall, probably for the price they are charging, this is more than enough for who can only afford it...

Edited by MWZ
  • 0
Posted

ovh is 100% garbage lololz. not sure why nobody check it, but ovh means "one vision from hell". people just keep talking about it, coz its the cheapest shit you'll find around, besides that, it's pure shit.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.




×
×
  • Create New...