Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Hetzner DDoS issues in Production - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Hetzner DDoS issues in Production

2»

Comments

  • ClouviderClouvider Member, Patron Provider

    @Brend4n said:
    It's really hard to find a provider that would cater to both hardware and specialized DDoS protection needs. Perhaps some remote protection via Path would work? They have L7/HTTP filters as well prob have some solutions for the "dynamic nature of [your] apps". Or perhaps Magic Transit by Cloudflare, but it wont be cheap.

    It’s not difficult with the right budget ;-)

  • Brend4nBrend4n Member

    @Clouvider said:

    @Brend4n said:
    It's really hard to find a provider that would cater to both hardware and specialized DDoS protection needs. Perhaps some remote protection via Path would work? They have L7/HTTP filters as well prob have some solutions for the "dynamic nature of [your] apps". Or perhaps Magic Transit by Cloudflare, but it wont be cheap.

    It’s not difficult with the right budget ;-)

    True :) I guess over the years, I've started opting more for keeping hosting + protection separate. These remote providers have gotten really good these days and if things don't work out, you just swap without having to worry about migrating infrastructure.

  • mustafammustafam Member

    @Clouvider said:
    It’s not difficult with the right budget ;-)

    Actually, we do have a budget. Using a low-cost solution, with few moving parts, is one of our competitive advantages.

  • ClouviderClouvider Member, Patron Provider

    As per your own posts something has to give unfortunately.

  • mustafammustafam Member
    edited July 2021

    @Clouvider Agree for most cases.

  • appcomqappcomq Member

    Thank you PM me.
    Hetzner's DDOS protection does have some problems. if hetzner as backend server, EDGE servers can use GRE to bypass hetzners firewall. Otherwise, the proportion of SSL handshake failures in high-traffic connections will be very high.

  • skorupionskorupion Member, Host Rep

    @Clouvider said:
    As per your own posts something has to give unfortunately.

    https://fastgood.cheap/

  • Hetzner_OLHetzner_OL Member, Top Host

    @pike said: If you look at Hetzner datacenters for example, if a fire occurs there it wouldnt spread to the whole datacenter quickly (as it has only one level, and fire-proof material), so the damage could be minimized by the fire brigade, as they can access the burning parts and separate them from the still intact ones.

    In the image you posted, it is kind of hard to see, but there are also outdoor alleys between each data center so that fire brigade trucks can park there and that help to prevent fires from "jumping" from building to building. And there are very solid firewall doors between each DC section. For more info about our other measures, go here and scroll down to "Fire protection".

    That being said, our hearts really went out to OVH that day. Even though we were founded in Germany, we're not into schadenfreude. --Katie

    Thanked by 1pike
  • mustafammustafam Member

    @Hetzner_OL Since you are here, do you have any insight about SSL (e.g. https) errors while Hetzner DDoS mitigation is taking place? I mean, will my https site basically be down for 10-30 minutes? What exactly is the benefit of DDoS mitigation, then? Note that I can handle Layer 7 errors myself through a number of techniques, like tokens/challenges/login, not worried about that.

Sign In or Register to comment.