Hi there, can you suggest me a reliable service for DDoS protection?

Lately, my website has been facing some attacks, and I'm seeing connection numbers hitting 3000 each second, making it all shaky.



Please don't recommend qrator as their pricing is really off the charts; I'm looking for something that's about $20.

I'm also not interested in cloudflare.

Those high connection numbers really can cause your site to be shaky, and it's crucial to find a reliable service to protect your online presence.

If you're looking for a budget-friendly solution, I would recommend looking at services like DDoS Guard or Sucuri. Both are known for providing solid protection at more accessible price points compared to more premium services you mentioned, like QRator or Cloudflare.

DDoS Guard offers various plans that can fit tight budget, and it typically includes features such as traffic filtering, so that they can help in deflecting attack traffic away from your main server. You can check their pricing plans but there might be some options that hover around your budget.

Sucuri, although a bit more on the higher end usually, sometimes has promotions or basic packages that might just touch your preferred price range. It's not just a DDoS protection service; it also includes malware scanning and website firewall which can give additional peace of mind.

Another option you might wanna consider is Incapsula, which offers robust security features including DDoS protection. They have a range of packages, too, and it's worth checking if any fit the budget you're working with.
Something to keep in mind is that sometimes, shared hosting providers include basic DDoS protection in their hosting packages. If your site is hosted with a major provider, it might be useful to reach out to their support to inquire about this feature.

I would suggest simply blockin an IP using a standard flash firewall that's installed on your server. That's pretty much all you need to do.

Are they just accessing the homepage, or how do you figure out that these IPs are malicious? It's important to have a good logging system in place to analyze traffic and identify patterns associated with bad actors. This way, we can pinpoint problematic IPs more effectively.

In situations where attackers generate an excessive number of connections—say, a hundred or more from each IP—a tool like the one available on GitHub becomes incredibly useful.

Check it out: https://github.com/jgmdev/ddos-deflate. This utility operates in the background as a daemon and acts instantly by issuing bans as soon as suspicious activity is noticed.

You can create a list of exceptions for IP addresses, subnets, hostnames, and more to avoid false positives. Additionally, it allows you to customize various settings such as which ports to monitor, how many connections to allow from a single IP, and how long an IP should be banned for.

Another cool aspect is its capability to handle IPs hidden by Cloudflare, focusing solely on incoming connections while ignoring outgoing traffic.

But the standout feature is its bandwidth management. It keeps track of your traffic, and if the data transfer exceeds a certain limit, it reduces the speed for specific IPs.

Honestly, I believe every operating system should come with this kind of tool pre-installed. But do be cautious when configuring it! Be sure to whitelist your own server IP and any search engines to prevent any accessibility issues.

Also, it's smart to set up Nginx configurations in your projects like limit_req and limit_conn_zone to further enhance your defense against these attacks.