Learn about Centmin Mod LEMP Stack today
Become a Member

Any personal feedback about Hetzner DDOS protection?

Discussion in 'Dedicated server hosting' started by rdan, Jul 4, 2020.

  1. rdan

    rdan Well-Known Member

    5,434
    1,395
    113
    May 25, 2014
    Ratings:
    +2,181
    Local Time:
    10:17 PM
    Mainline
    10.2
  2. eva2000

    eva2000 Administrator Staff Member

    51,985
    11,976
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,473
    Local Time:
    12:17 AM
    Nginx 1.25.x
    MariaDB 10.x
    Can't personally comment on Hetzner DDOS protection but from what I read online, yes OVH DDOS protection is better than Hetzner's.
     
  3. Oxide

    Oxide Active Member

    534
    29
    28
    Mar 19, 2015
    Ratings:
    +59
    Local Time:
    12:17 AM
    I am using them and have used them in the past.

    Their protection is not stateful, so it is not the best.

    For example when you are under TCP-AMP Attack, their firewall will conflict and end up blocking legitimate connections. I could spoof attacks from CloudFlare, it would end up blocking CloudFlare IP's due not being stateful.

    However their pricing is great.
     
  4. rdan

    rdan Well-Known Member

    5,434
    1,395
    113
    May 25, 2014
    Ratings:
    +2,181
    Local Time:
    10:17 PM
    Mainline
    10.2
    Down again :/
    upload_2020-8-9_3-25-53.png
     
  5. buik

    buik “The best traveler is one without a camera.”

    1,962
    513
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,632
    Local Time:
    4:17 PM
    Depends on which services you are going to offer from your server.

    If you operate in a risk market like religion, gambling, porn, dating, cam etc then you better take a full service DDoS product.

    Many dedicated server providers nowadays supply it as an addon but did not specialize in DDoS as core business.

    Consequence if your server is overddosed too often or for too long.
    IP null routed for a long time or termination server if it occurs more frequently.

    I can't find anywhere about how much GB per second Hetzner offers as DDoS protection. Most dedicated service providers offer a few GB / sec.

    That seems a lot, but it's a joke.
    That's what you're on about, if like only a couple of malots pussing around.

    On the other hand, we're all going through a bit. I even see cat websites behind a thick firewall these days. We hardly dare to make mistakes anymore. But a cat site doesn't have to be online 24/7, right? It can be offline from time to time.
     
  6. HostSlick

    HostSlick New Member

    3
    0
    1
    Mar 19, 2020
    Ratings:
    +2
    Local Time:
    4:17 PM
    -
    -
    I heard feedback from clients who used Hetzner formerly, its not very good. Can't protect against attacks like Spoofed. (But thats what i heard as said. Not tested myself)

    I think its just to protect from major outage.
     
  7. Oxide

    Oxide Active Member

    534
    29
    28
    Mar 19, 2015
    Ratings:
    +59
    Local Time:
    12:17 AM
    They can detect from spoofed attacks but not TCP-AMP. Their protection have blocked 150Gb/s attacks in the past, I've been under some pretty big attacks.