DDoS protection

Started by nancyfromafrica, Sep 17, 2022, 12:01 AM

Previous topic - Next topic

nancyfromafricaTopic starter

I am looking for one of two options - DDoS protection of an independent server (VPS) or webhosting
with an integrated VPS protection service.

Now I'm trying (I needed it right urgently) EDGE Center protection, but they have something in my opinion, the traffic is being cut too much (attendance has fallen by 5-15%)
and very, very poor statistics and almost zero settings (you can only turn on/off countries).
In addition, a legal user does not have any captcha verification or something else. It's just that the web site is unavailable if it is considered dangerous - that is very bad.
But relatively inexpensive (initial tariff).

DDoS Guard seems to be cooler, but expensive - it is already economically unprofitable for me.
Are there any other decent options?

PS: CloudFlare connected during DDoS, configured - they break through, it was too powerful, apparently.
  •  

esparkinfo

I didn't really understand the details of your situation from the description, but not so long ago I myself was attacked twice a week from many different subnets (mostly USA, but there was also a significant share of China).

I solved the issue with a fairly simple script, analyzing the apache log several times a minute, and banishing the backlight with unnecessary activity. Although the attackers adjusted (they somehow changed their approaches), but generally it was quite primitive, probably because they attacked not only me, but a lot of other websites, and they did not specifically adapt to me.
Therefore, the issue was resolved not very difficult and not costly in terms of resources. Although initially it seemed like a wild force attack, because they took out a 20 MBit channel so I couldn't reach the server.

If you are interested, I can share that script and details.
  •  

vizzmedia

Here is a list of tools that I used in the fight against DDoS attacks.
We shared our experience of working with them. We have no purpose to advertise them in any way, but it seems strange to hide the names of the tools.

the Qrator filtering system - really helped solve the problem
of the iptables firewall - iron blocks traffic, is useful paired with a DDoS filter
basic DDoS protection from Selectel - did not help, or we did not notice
it with DDoS protection from Cloudflare - it seems to work, but it did not suit us. The beneficial effect is not appreciated.
ngx_http_geoip_module module - useful for successful location of attackers

What exactly should be done depends on the strength and duration of the attack. If there are enough resources and the attack does not affect the stability of the site, you can ignore it.
If the site is lying for a long time, it is worth connecting a filtering system.
  •