Need DDoS Protection on my Website

[WebTech Hosts]

Hi Guys,

Recommendations for affordable DDoS protection for websites - multiple domains.

Needs to be good.

Thanks,

Kyle

 

[MannDude]

Hey Kyle. Check out:

 

[Nett]

BuyVM

 

[WebTech Hosts]

I think you have misunderstood me - I have a managed VPS that I am quite happy with - but i require DDoS protection from an outside source.

 

[Nett]

CloudFlare?

 

[Munzy]

Nginx proxy on the buyvm vm to your managed server?

 

[Joshua-Epic]

Cloudflare is pretty solid if you want to spend the extra $$

 

[Francisco]

We do managed plans in the list prices.

cPanel would be $12/month more, filtered IP is $3.00/month.

A GRE would be possible and is easy enough to configure with cPanel.

Let me know,

Francisco

 

[HalfEatenPie]

I think you have misunderstood me - I have a managed VPS that I am quite happy with - but i require DDoS protection from an outside source.

X4B is also available in addition to the recommendations above.

But you can also just do a GRE Tunnel from a BuyVM or RamNode VPS to your Managed server very easily.  

 

[RTGHM]

Where's your server located? If it's out by Moldova/Romania then voxility is good.

 

[ModyDev]

I think you have misunderstood me - I have a managed VPS that I am quite happy with - but i require DDoS protection from an outside source.

I recommend you to use lighttpd or hiawatha-webserver and tweak it to stand layer7 attacks.

Also Cloudflare and Cloudlayer are good as outside source.

 

[AlphaNine_Vini]

You can make custom script or use cloudflare or  use a plugin if you are running website on a CMS. I would recommend to apply captcha at your registration and login pages. Nginx is a good alternative to make your website fast. 

 

[RTGHM]

You can make custom script or use cloudflare or  use a plugin if you are running website on a CMS. I would recommend to apply captcha at your registration and login pages. Nginx is a good alternative to make your website fast. 

How in gods name will nginx stop someone flooding the pipe with a ton of garbage?

 

[raindog308]

Coincidentally, I just blogged about this today:

https://raindog308.com/where-is-ddos-protection-in-premium-hosting/

tl;dr: I am surprised the premium managed VPS providers such as KnownHost/WiredTree, have not offered DDOS protection as an add-on offering.  Especially since so many budget providers (BuyVM, Ramnode, SecureDragon) do.

 

[eva2000]

Coincidentally, I just blogged about this today:

https://raindog308.com/where-is-ddos-protection-in-premium-hosting/

tl;dr: I am surprised the premium managed VPS providers such as KnownHost/WiredTree, have not offered DDOS protection as an add-on offering.  Especially since so many budget providers (BuyVM, Ramnode, SecureDragon) do.

i think it's just a matter of when and not if they will have such

and what about SLA and stuff with higher end hosts ? some would have greater responsibility and liability in case of downtime compared to low end web hosts ?

 

[Francisco]

Coincidentally, I just blogged about this today:

https://raindog308.com/where-is-ddos-protection-in-premium-hosting/

tl;dr: I am surprised the premium managed VPS providers such as KnownHost/WiredTree, have not offered DDOS protection as an add-on offering.  Especially since so many budget providers (BuyVM, Ramnode, SecureDragon) do.

We expect to have our fully managed cPanel plans out on the market in the next couple weeks. All of our current 256MB+ plans will also be fully managed w/o a price hike and cPanel plans will be starting at $25/m for 1G/1G.

Does that put us in the premium bracket or do we have to triple the price too?

Francisco

 

[lbft]

tl;dr: I am surprised the premium managed VPS providers such as KnownHost/WiredTree, have not offered DDOS protection as an add-on offering.  Especially since so many budget providers (BuyVM, Ramnode, SecureDragon) do.

Some companies see DDoS as something that happens to 'difficult' clients - clients that they don't want. Of course with the rise of DDoS extortion/protection rackets, cheap booters usable by any disgruntled 14 year old with mommy's credit card, and scumbags throwing attacks at their competitors, it's no longer only skids that get attacked.

The unfortunate thing is that things are unlikely to change until DDoS becomes more commonplace and it is no longer possible to pretend that it doesn't harm legitimate customers.

 

[Nett]

We expect to have our fully managed cPanel plans out on the market in the next couple weeks. All of our current 256MB+ plans will also be fully managed w/o a price hike and cPanel plans will be starting at $25/m for 1G/1G.


Does that put us in the premium bracket or do we have to triple the price too?


Francisco

Does that mean my 512MB VPS will have management for free?

 

[DomainBop]

You can make custom script or use cloudflare or  use a plugin if you are running website on a CMS. I would recommend to apply captcha at your registration and login pages. Nginx is a good alternative to make your website fast. 

Interesting, so a custom script,  or a Wordpress or CMS plugin, or captcha on registration and login pages, or Nginx will help prevent or mitigate a DDoS attack.

 

[ModyDev]

setting keep-alive to 0 will reduce the amount of load on the server , blocking bad or unknown user-agents and setting low max request size will help.

Here is my lighttpd config


server.even-handler = "linux-sysepoll"
server.network-backend = "writev"
status.status-url ="/server-status"
server.max-fds = 9096
server.max-keep-alive-idle =0
server.max-keep-alive-requests=0
server.max-request-size=10
server.max-write-idle=15

Here [i own this domain ] you can see Lighttpd standing on a medium layer7 attack.

I hope this config helps you ,

Regards.