Discover Centmin Mod today
Register Now

VPS DDoS Protected Solutions ?

Discussion in 'Virtual Private Server (VPS) hosting' started by hungphutho, Aug 5, 2015.

  1. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    3:12 AM
    1.7.2
    Percona 5.6
    Hello friends !
    Currently I am under attack ddos , I was linode and Vultr ( VDC ) Null Route .

    Linode :
    upload_2015-8-4_21-15-39.png

    upload_2015-8-4_21-12-58.png


    Vultr :
    upload_2015-8-4_21-11-0.png

    anyone have a solution VPS DDoS Protected ?
     
  2. eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:12 AM
    Nginx 1.25.x
    MariaDB 10.x
    RamNode or BuyVM would be your best bets for DDOS protected IP based VPSes

    what was the size of your DDOS attack ?

    @RoldanLT is our resident DDOS victim/expert :)

    you were on Vultr Dedicated Cloud with 10Gbps DDOS protection Vultr DDOS Protection - Vultr.com ? they said they will have large size protection later though

    Also check out x4b.net and cloudflare paid plans for DDOS reverse proxy protections
     
    Last edited: Aug 5, 2015
  3. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    3:12 AM
    1.7.2
    Percona 5.6
    The biggest attack I saw through the control panel linode Graphs
    11751769_876530865728026_8612490622698330054_n.jpg
     
  4. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    3:12 AM
    1.7.2
    Percona 5.6
    @eva2000 I do not have a way to diagnose the size of DDoS attacks, You can tell me the solution identified?

    Yes ! I suppose there is VDC Vultr no 10Gbps DDOS protection , or very limited size

    I will try to ramnode .
    Thank !
     
    Last edited: Aug 5, 2015
  5. eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:12 AM
    Nginx 1.25.x
    MariaDB 10.x
    I see.. I updated above reply with more info.

    need to ask web host, only they would know exact size
     
  6. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
    If I were you:
    • Purchase Sucuri $9USD or $19USD plan per month
    • Re-route all your traffic thru their Service
    • Then create a new Linode VPS, so that you will have a new server IP
    • If the attacker will hammer your server again, they will hit old server IP or if they will attack you via Layer 7 method, Sucuri will mitigate them all for you.
     
  7. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
    Cloudflare will mostly protect you from Layer 3/4 DDOS.
    But not with Layer 7.
    Sucuri does protect you both.
     
  8. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
  9. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
  10. eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:12 AM
    Nginx 1.25.x
    MariaDB 10.x
  11. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
    Since migrating my site to Sucuri, server load always at 0.1x 0.1x 0.1x :D

    Without Sucuri, my server load is always at 70-90% CPU :/ And PHP-FPM will choke :/.
    I'm speaking about Layer 7 attack since I'm behind Cloudflare last few month.
     
  12. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
    And be sure to protect your NEW Server IP from leaking to public.
    Use external Mail server, like me I'm using: Mail-in-a-Box

    on XenForo, do not use Image Proxy.
     
  13. rdan

    rdan Well-Known Member

    5,426
    1,389
    113
    May 25, 2014
    Ratings:
    +2,172
    Local Time:
    4:12 AM
    Mainline
    10.2
    be aware, that Sucuri is a little pain from the start.
    Default settings block some valid request and URI.
    So you must study Sucuri logs and filter good request.
    After a week of using them, you will be amaze by their service ;)

    Plus I LOVE some great unique features of sucuri, like this:
    upload_2015-8-5_0-47-43.png


    With that settings, I don't need a XenForo Spam addon anymore :D
    I already remove all my spam prevention's now :)
     
  14. eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:12 AM
    Nginx 1.25.x
    MariaDB 10.x
    nice.. not sure those country blocks would work here - quite a few members from all those countries hehe
     
  15. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    3:12 AM
    1.7.2
    Percona 5.6
    I've setup x4b.net, hope all goes well
    Thank you very much, if existing measures do not succeed I will choose Sucuri :D
     
  16. hungphutho

    hungphutho Member

    55
    35
    18
    Jun 2, 2014
    Ratings:
    +35
    Local Time:
    3:12 AM
    1.7.2
    Percona 5.6
    Currently I am satisfied with x4b.net :)
    Their filter effective with DDoS attacks on my website

    Network Filter :

    upload_2015-8-5_13-57-30.png

    Software Filter
    upload_2015-8-5_13-59-0.png

    I've temporarily get deep sleep: D

    thank you all !
     
  17. eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:12 AM
    Nginx 1.25.x
    MariaDB 10.x
    Glad to hear it was beneficial :)
     
  18. SplitIce

    SplitIce New Member

    3
    3
    3
    Aug 5, 2015
    Ratings:
    +3
    Local Time:
    7:12 AM
    1.9.0
    MariaDB 10
    Glad we could help.

    -Mathew from X4B.Net :)
     
  19. Juanzo

    Juanzo New Member

    2
    1
    3
    Aug 10, 2014
    Buenos Aires, Argentina
    Ratings:
    +1
    Local Time:
    5:12 PM
    10.5
    Great informative thread.

    Mind confirming if you know exactly why Sucuri performed better than CloudFlare?

    Layer 7 attacks are covered according to them.
     
  20. pamamolf

    pamamolf Well-Known Member

    4,028
    421
    83
    May 31, 2014
    Ratings:
    +817
    Local Time:
    10:12 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Sucuri blocks a lot of valid traffic :(

    If you can hide the main server ip you will be fine but that's not easy i thing....

    Checking for dns settings that will leak original ip is the only one that i know to do but maybe the attacker can find the ip using another method? Don't know....