/ Register

Get the most out of your Centmin Mod LEMP stack
Become a Member

VPS DDoS Protected Solutions ?

Discussion in 'Virtual Private Server (VPS) hosting' started by hungphutho, Aug 5, 2015.

Tags:
Previous Thread Next Thread
Loading...
Page 1 of 2
  1. Aug 5, 2015 #1
    hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    1:46 PM
    1.7.2
    Percona 5.6
    Hello friends !
    Currently I am under attack ddos , I was linode and Vultr ( VDC ) Null Route .

    Linode :
    upload_2015-8-4_21-15-39.png

    upload_2015-8-4_21-12-58.png

    Vultr :
    upload_2015-8-4_21-11-0.png

    anyone have a solution VPS DDoS Protected ?
     
  2. Aug 5, 2015 #2
    eva2000

    eva2000 Administrator Staff Member

    39,282
    8,664
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,321
    Local Time:
    4:46 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    RamNode or BuyVM would be your best bets for DDOS protected IP based VPSes

    what was the size of your DDOS attack ?

    @RoldanLT is our resident DDOS victim/expert :)

    you were on Vultr Dedicated Cloud with 10Gbps DDOS protection Vultr DDOS Protection - Vultr.com ? they said they will have large size protection later though

    Also check out x4b.net and cloudflare paid plans for DDOS reverse proxy protections
     
    Last edited: Aug 5, 2015
    • Like Like x 1
    • Funny Funny x 1
  3. Aug 5, 2015 #3
    hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    1:46 PM
    1.7.2
    Percona 5.6
    The biggest attack I saw through the control panel linode Graphs
    11751769_876530865728026_8612490622698330054_n.jpg
     
  4. Aug 5, 2015 #4
    hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    1:46 PM
    1.7.2
    Percona 5.6
    @eva2000 I do not have a way to diagnose the size of DDoS attacks, You can tell me the solution identified?

    Yes ! I suppose there is VDC Vultr no 10Gbps DDOS protection , or very limited size

    I will try to ramnode .
    Thank !
     
    Last edited: Aug 5, 2015
  5. Aug 5, 2015 #5
    eva2000

    eva2000 Administrator Staff Member

    39,282
    8,664
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,321
    Local Time:
    4:46 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    I see.. I updated above reply with more info.

    need to ask web host, only they would know exact size
     
  6. Aug 5, 2015 #6
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    If I were you:
    • Purchase Sucuri $9USD or $19USD plan per month
    • Re-route all your traffic thru their Service
    • Then create a new Linode VPS, so that you will have a new server IP
    • If the attacker will hammer your server again, they will hit old server IP or if they will attack you via Layer 7 method, Sucuri will mitigate them all for you.
     
    • Informative Informative x 2
    • Like Like x 1
  7. Aug 5, 2015 #7
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    Cloudflare will mostly protect you from Layer 3/4 DDOS.
    But not with Layer 7.
    Sucuri does protect you both.
     
    • Informative Informative x 1
  8. Aug 5, 2015 #8
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    • Informative Informative x 1
  9. Aug 5, 2015 #9
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    • Like Like x 1
    • Informative Informative x 1
  10. Aug 5, 2015 #10
    eva2000

    eva2000 Administrator Staff Member

    39,282
    8,664
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,321
    Local Time:
    4:46 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    • Like Like x 1
  11. Aug 5, 2015 #11
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    Since migrating my site to Sucuri, server load always at 0.1x 0.1x 0.1x :D

    Without Sucuri, my server load is always at 70-90% CPU :/ And PHP-FPM will choke :/.
    I'm speaking about Layer 7 attack since I'm behind Cloudflare last few month.
     
    • Like Like x 1
    • Informative Informative x 1
  12. Aug 5, 2015 #12
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    And be sure to protect your NEW Server IP from leaking to public.
    Use external Mail server, like me I'm using: Mail-in-a-Box

    on XenForo, do not use Image Proxy.
     
  13. Aug 5, 2015 #13
    rdan

    rdan Premium Member Premium Member

    4,523
    1,084
    113
    May 25, 2014
    Ratings:
    +1,582
    Local Time:
    2:46 PM
    Mainline
    10.2
    be aware, that Sucuri is a little pain from the start.
    Default settings block some valid request and URI.
    So you must study Sucuri logs and filter good request.
    After a week of using them, you will be amaze by their service ;)

    Plus I LOVE some great unique features of sucuri, like this:
    upload_2015-8-5_0-47-43.png


    With that settings, I don't need a XenForo Spam addon anymore :D
    I already remove all my spam prevention's now :)
     
    • Like Like x 1
    • Informative Informative x 1
  14. Aug 5, 2015 #14
    eva2000

    eva2000 Administrator Staff Member

    39,282
    8,664
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,321
    Local Time:
    4:46 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    nice.. not sure those country blocks would work here - quite a few members from all those countries hehe
     
  15. Aug 5, 2015 #15
    hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    1:46 PM
    1.7.2
    Percona 5.6
    I've setup x4b.net, hope all goes well
    Thank you very much, if existing measures do not succeed I will choose Sucuri :D
     
    • Like Like x 1
  16. Aug 5, 2015 #16
    hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    1:46 PM
    1.7.2
    Percona 5.6
    Currently I am satisfied with x4b.net :)
    Their filter effective with DDoS attacks on my website

    Network Filter :

    upload_2015-8-5_13-57-30.png

    Software Filter
    upload_2015-8-5_13-59-0.png

    I've temporarily get deep sleep: D

    thank you all !
     
    • Like Like x 2
  17. Aug 5, 2015 #17
    eva2000

    eva2000 Administrator Staff Member

    39,282
    8,664
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,321
    Local Time:
    4:46 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Glad to hear it was beneficial :)
     
  18. Aug 5, 2015 #18
    SplitIce

    SplitIce New Member

    2
    3
    3
    Aug 5, 2015
    Ratings:
    +3
    Local Time:
    4:46 PM
    1.9.0
    MariaDB 10
    Glad we could help.

    -Mathew from X4B.Net :)
     
    • Like Like x 2
  19. Jan 31, 2016 #19
    Juanzo

    Juanzo New Member

    2
    1
    3
    Aug 10, 2014
    Buenos Aires, Argentina
    Ratings:
    +1
    Local Time:
    3:46 AM
    Great informative thread.

    Mind confirming if you know exactly why Sucuri performed better than CloudFlare?

    Layer 7 attacks are covered according to them.
     
  20. Jan 31, 2016 #20
    pamamolf

    pamamolf Premium Member Premium Member

    3,242
    305
    83
    May 31, 2014
    Ratings:
    +558
    Local Time:
    9:46 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    Sucuri blocks a lot of valid traffic :(

    If you can hide the main server ip you will be fine but that's not easy i thing....

    Checking for dns settings that will leak original ip is the only one that i know to do but maybe the attacker can find the ip using another method? Don't know....
     
Previous Thread Next Thread
Loading...
Page 1 of 2
..

.