Learn about Centmin Mod LEMP Stack today
Register Now

Linode Linode Announces DDOS Mitigation Protection

Discussion in 'Virtual Private Server (VPS) hosting' started by eva2000, Jan 25, 2020.

  1. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Linode has announced DDOS mitigation protection DDoS: An Additional Layer of Security from Linode | Linode.
    Linode press release announcement https://www.linode.com/press_releas...ed-ddos-protection-across-its-global-network/
    Linode DDOS Protection page at Advanced Cloud DDoS Protection | Linode
     
  2. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    seems Linode Firewall is coming soon too
     
  3. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    651
    189
    43
    May 25, 2014
    Ratings:
    +264
    Local Time:
    3:50 PM
    Great, I was contemplating DO because of their firewall but now will stick with Linode for sure.
     
  4. rdan

    rdan Well-Known Member

    5,003
    1,201
    113
    May 25, 2014
    Ratings:
    +1,827
    Local Time:
    5:50 AM
    Mainline
    10.2
    Any personal experience how their DDOS protection actually protect? :)
     
  5. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Yeah we shall see. Though I tend to disable host's firewall in favour of Cloudflare Firewall on edge and CSF Firewall on server. Would have to see how Linode Firewall API performs to be able to control it from server level/SSH.

    No experience yet. If they had DDOS protection enabled for my forums, it didn't kick in for a layer 7 DDOS attack I got yesterday on the forums. Maybe it's more for volumetric layer 3/4 network level DDOS attacks ? Cloudflare showed an extra 1 million requests within a few minutes. Cloudflare Firewall rules and caching optimisations have been adjusted/deployed to better handle it in future too :)

    Yes Centmin Mod Nginx server on the forums were pushing 16,000+ concurrent Nginx connections which was the left over requests once Cloudflare caching absorbed the majority of them.

    amplify-nginx-01.png
    amplify-nginx-04.png

    cf-web-traffic-24hrs-01.png
     
  6. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Some info on Linode's DDOS protection which uses Juniper Networks and Corero DDOS Protection via Corero SmartWall Threat Defense Director DDoS Mitigation Becomes Competitive Tool for Cloud Provider - Juniper Networks

     
  7. adamus007p

    adamus007p Member

    252
    15
    18
    Feb 8, 2019
    Ratings:
    +26
    Local Time:
    10:50 PM
    Hello @eva2000 your screens (NGINX currect connections) are coming from what?
     
  8. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
  9. rdan

    rdan Well-Known Member

    5,003
    1,201
    113
    May 25, 2014
    Ratings:
    +1,827
    Local Time:
    5:50 AM
    Mainline
    10.2
  10. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Where did you get that info from ? BuyVM IIRC has their own DDOS in house solution paired with others too.
     
  11. rdan

    rdan Well-Known Member

    5,003
    1,201
    113
    May 25, 2014
    Ratings:
    +1,827
    Local Time:
    5:50 AM
    Mainline
    10.2
    From their Email

    upload_2020-5-20_1-49-51.png
     
  12. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Juniper routers/hardware is common so could be :)
     
  13. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Looks like BuyVM also uses Cloudflare Magic Transit for DDOS protection at network level Hetzner, netcup or? the best for protection ddos the most powerful?

     
  14. Jon Snow

    Jon Snow Active Member

    583
    83
    28
    Jun 30, 2017
    Ratings:
    +132
    Local Time:
    5:50 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    So if we're a Linode customer, exactly what do we have to do to opt-in to this or is there nothing needed from our side?
     
  15. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Nothing needed, Linode network level DDOS mitigation is enabled for all Linode VPSes.
     
  16. rdan

    rdan Well-Known Member

    5,003
    1,201
    113
    May 25, 2014
    Ratings:
    +1,827
    Local Time:
    5:50 AM
    Mainline
    10.2
    It's just weird to me that they announce and proud to have ddos protection yet their website still behind Cloudflare.
     
  17. Jon Snow

    Jon Snow Active Member

    583
    83
    28
    Jun 30, 2017
    Ratings:
    +132
    Local Time:
    5:50 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    Maybe they're just testing the waters and will eventually move over? Would be great if someone confronts them about it to see what they have to say on the matter.
     
  18. eva2000

    eva2000 Administrator Staff Member

    45,631
    10,356
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,070
    Local Time:
    7:50 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Doesn't hurt to use both and Linode DDOS is for network level, while Cloudflare has both application (layer 7) + network (layer 3/4) protection. They could even double up on network level with Cloudflare Magic Transit too ???