Get the most out of your Centmin Mod LEMP stack
Become a Member

VPS DDoS Protected Solutions ?

Discussion in 'Virtual Private Server (VPS) hosting' started by hungphutho, Aug 5, 2015.

  1. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    8:25 AM
    1.7.2
    Percona 5.6
    Hello friends !
    Currently I am under attack ddos , I was linode and Vultr ( VDC ) Null Route .

    Linode :
    upload_2015-8-4_21-15-39.png

    upload_2015-8-4_21-12-58.png

    Vultr :
    upload_2015-8-4_21-11-0.png

    anyone have a solution VPS DDoS Protected ?
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,903
    6,908
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,404
    Local Time:
    11:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    RamNode or BuyVM would be your best bets for DDOS protected IP based VPSes

    what was the size of your DDOS attack ?

    @RoldanLT is our resident DDOS victim/expert :)

    you were on Vultr Dedicated Cloud with 10Gbps DDOS protection Vultr DDOS Protection - Vultr.com ? they said they will have large size protection later though

    Also check out x4b.net and cloudflare paid plans for DDOS reverse proxy protections
     
    Last edited: Aug 5, 2015
    • Like Like x 1
    • Funny Funny x 1
  3. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    8:25 AM
    1.7.2
    Percona 5.6
    The biggest attack I saw through the control panel linode Graphs
    11751769_876530865728026_8612490622698330054_n.jpg
     
  4. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    8:25 AM
    1.7.2
    Percona 5.6
    @eva2000 I do not have a way to diagnose the size of DDoS attacks, You can tell me the solution identified?

    Yes ! I suppose there is VDC Vultr no 10Gbps DDOS protection , or very limited size

    I will try to ramnode .
    Thank !
     
    Last edited: Aug 5, 2015
  5. eva2000

    eva2000 Administrator Staff Member

    30,903
    6,908
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,404
    Local Time:
    11:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    I see.. I updated above reply with more info.

    need to ask web host, only they would know exact size
     
  6. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    If I were you:
    • Purchase Sucuri $9USD or $19USD plan per month
    • Re-route all your traffic thru their Service
    • Then create a new Linode VPS, so that you will have a new server IP
    • If the attacker will hammer your server again, they will hit old server IP or if they will attack you via Layer 7 method, Sucuri will mitigate them all for you.
     
    • Informative Informative x 2
    • Like Like x 1
  7. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    Cloudflare will mostly protect you from Layer 3/4 DDOS.
    But not with Layer 7.
    Sucuri does protect you both.
     
    • Informative Informative x 1
  8. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    • Informative Informative x 1
  9. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    • Like Like x 1
    • Informative Informative x 1
  10. eva2000

    eva2000 Administrator Staff Member

    30,903
    6,908
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,404
    Local Time:
    11:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
  11. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    Since migrating my site to Sucuri, server load always at 0.1x 0.1x 0.1x :D

    Without Sucuri, my server load is always at 70-90% CPU :/ And PHP-FPM will choke :/.
    I'm speaking about Layer 7 attack since I'm behind Cloudflare last few month.
     
    • Like Like x 1
    • Informative Informative x 1
  12. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    And be sure to protect your NEW Server IP from leaking to public.
    Use external Mail server, like me I'm using: Mail-in-a-Box

    on XenForo, do not use Image Proxy.
     
  13. RoldanLT

    RoldanLT Well-Known Member

    3,975
    965
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,329
    Local Time:
    9:25 AM
    1.11
    10.2
    be aware, that Sucuri is a little pain from the start.
    Default settings block some valid request and URI.
    So you must study Sucuri logs and filter good request.
    After a week of using them, you will be amaze by their service ;)

    Plus I LOVE some great unique features of sucuri, like this:
    upload_2015-8-5_0-47-43.png


    With that settings, I don't need a XenForo Spam addon anymore :D
    I already remove all my spam prevention's now :)
     
    • Like Like x 1
    • Informative Informative x 1
  14. eva2000

    eva2000 Administrator Staff Member

    30,903
    6,908
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,404
    Local Time:
    11:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    nice.. not sure those country blocks would work here - quite a few members from all those countries hehe
     
  15. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    8:25 AM
    1.7.2
    Percona 5.6
    I've setup x4b.net, hope all goes well
    Thank you very much, if existing measures do not succeed I will choose Sucuri :D
     
    • Like Like x 1
  16. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    8:25 AM
    1.7.2
    Percona 5.6
    Currently I am satisfied with x4b.net :)
    Their filter effective with DDoS attacks on my website

    Network Filter :

    upload_2015-8-5_13-57-30.png

    Software Filter
    upload_2015-8-5_13-59-0.png

    I've temporarily get deep sleep: D

    thank you all !
     
    • Like Like x 2
  17. eva2000

    eva2000 Administrator Staff Member

    30,903
    6,908
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,404
    Local Time:
    11:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    Glad to hear it was beneficial :)
     
  18. SplitIce

    SplitIce New Member

    2
    3
    3
    Aug 5, 2015
    Ratings:
    +3
    Local Time:
    12:25 PM
    1.9.0
    MariaDB 10
    Glad we could help.

    -Mathew from X4B.Net :)
     
    • Like Like x 2
  19. Juanzo

    Juanzo New Member

    2
    1
    3
    Aug 10, 2014
    Buenos Aires, Argentina
    Ratings:
    +1
    Local Time:
    10:25 PM
    Great informative thread.

    Mind confirming if you know exactly why Sucuri performed better than CloudFlare?

    Layer 7 attacks are covered according to them.
     
  20. pamamolf

    pamamolf Well-Known Member

    2,819
    251
    83
    May 31, 2014
    Ratings:
    +445
    Local Time:
    3:25 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    Sucuri blocks a lot of valid traffic :(

    If you can hide the main server ip you will be fine but that's not easy i thing....

    Checking for dns settings that will leak original ip is the only one that i know to do but maybe the attacker can find the ip using another method? Don't know....