I'm looking for some advice on ddos protection, I recently purchased a vps from upcloud that worked great for my needs. I was running wordpress sites via webuzo, however, a hacker got in and uploaded script kiddies to all my hosted sites and used up over 6TB of bandwidth, which upcloud charged to my account. This was basically my first time dealing with a vps and I abused their support due to my lack of knowledge. Afterwards I installed a firewall and only opened the ports necessary for access to webuzo, 5 days later, hacked again. I decided to route everything through cloudflare however my sites began taking 3secs+ to load versus the -1sec without clourdflare. Bam, hacked again because I was using email on my server and this exposed my IP. Having decided to abandon upcloud, I purchased a plan with Cloudcone, the speed/load time is way slower but they offer ddos protection. My question is, will the ddos protection that cloudcone or any vps provider offer be enough to protect me from getting hacked again?