Although I have, thankfully, never been the victim of a DDoS attack, it's something that I still worry about. I'm hosted on Linode, and I know they null-route your IP if you are targeted, so I'd like to do something to prepare. I have set up CloudFlare, but I've been disappointed in both its performance and the company's support. Tracking page loading times with NewRelic and Google Analytics, I found no improvement in speed for international visitors. It also increased my server load and page processing time by 15% (according to NewRelic), and - worst of all - my visitors in certain regions around the world reported sporadic "CloudFlare 502" errors (that's what they show when CF claims it can't reach your origin server - but I know my server never had any issues). My support request went unanswered for nearly a week, and when they did finally answer, they simply copy/pasted an article from their knowledge base and clearly didn't read my message. Granted, this was entirely on their free plan - perhaps you get better service on a paid plan, but I digress... I have considered moving to Incapsula's free or Personal plan, then upgrading to their full Business package with DDoS protection if I ever was to need it. I like their heuristic analysis of DDoS attacks, compared to CloudFlare's challenge page which asks visitors to complete a CAPTCHA if you are under attack. However, I want to use an EV SSL certificate (I just think they're cool), and Incapsula only supports them on their business plan...ugh! I would rather not have to deal with a third party, to keep my infrastructure simple and rely on the benefits of a solid Centminmod/Linode install and SPDY instead of a CDN...but DDoS is still something I worry about. How do the rest of you deal with this? What would you all recommend?