Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


DDOS protection deal breaker?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

DDOS protection deal breaker?

When looking for a vps, is ddos protection a must? Your thoughts and opinions?

DDOS protection deal breaker?
  1. DDOS protection deal breaker?43 votes
    1. Yes
      32.56%
    2. No
      46.51%
    3. Maybe, please explain.
      20.93%

Comments

  • Mark_RMark_R Member
    edited February 2015

    Today we all have to be prepared to take a random hit - DDoS attacks are becoming more common and will have a negative impact on anyone no matter the business. For me DDoS protection is officially part of the term "reliability"

    Thanked by 1Lee
  • It depends.
    For HTTP I mostly use cloudflare in front, so I don't really care about any ddos protection that the origin has.
    For less-important stuff like some teamspeak servers I use a provider that auto-nullroutes and doesn't suspend for attacks.
    For important public stuff I use servers with ddos protection.

  • jarjar Patron Provider, Top Host, Veteran

    On LET this just sounds like a good way to line up targets for the skids among us.

    Thanked by 1netomx
  • LeeLee Veteran

    In over 15 years I have built up a sizeable collection of websites, some are in the hundreds of visitors per day and other in the tens of thousands a day. Not once have any been the target of a DDoS attack.

    Having said that it's really about what @Mark_R says, you need to be prepared for a random hit, so whilst DDoS protection is not on my usual key list of requirements I have more recently started to consider whether a provider has protection available.

    Thanked by 1netomx
  • @W1V_Lee said:
    In over 15 years I have built up a sizeable collection of websites, some are in the hundreds of visitors per day and other in the tens of thousands a day. Not once have any been the target of a DDoS attack.

    You lucky son of a gun!

  • NyrNyr Community Contributor, Veteran

    I don't really buy anything serious without DDoS protection anymore. I can have services hosted at a very reliable provider, but if I get nullrouted 24 hours after an attack, is useless.

  • LeeLee Veteran

    @wych said:
    You lucky son of a gun!

    Indeed, however I tend to have sites related to history and other subjects that tend not to be in the path of that type of attack. Others I am close to who have big portfolios in areas of tech, medicine or law seem to get hit quite a bit.

  • @W1V_Lee said:

    First time I was hit I think it was random, then a few high profile sites got hit (suspected competition in those niches) and then recently it appears to be a certain individual that has taken a dislike to me and a few others around here.

    Then again my oldest site has never been attacked.

  • bsdguybsdguy Member
    edited February 2015

    I'm somewhat astonished by that whole DDOS protection issue. To effectively protect against DDOS, both economically and technically a very high bandwidth position that most VPS providers probably don't have is desirable.
    In other words, that problem seems to be best addressed by larger fiber/transit provider or carriers anyway. And indeed, I know multiple carriers/transit providers who do exactly that, they use their position to offer DDOS protected bandwidth to downstream (smaller colos/DCs, larger hosters hosters, etc.). Interestingly, probably due to their economies the necessary technology/devices/know-how are quite cheap in relation to their massive bandwidth which leads to protected bandwidth being hardly more expensive than unprotected bandwidth.

    I think this is also an issue because the typical lower level measures carry their own burden, e.g. in terms of redirections, dns tricks, etc. And to do it themselves is quite probably not reasonably feasible for most hosting providers considering the equipment costs and quite considerable know-how required. Accordingly most hosting providers seem to simply buy (and resell) DDOS protection.

    Moreover it wouldn't make too much sense for providers with sub n x 100Gb upstream bandwidths because the major damage (to them) is already done when the DDOS reaches their protection equipment. The traffic volume has already flown through their payed pipe. Even if they succeed to protect their clients server (the DDOS target) that's a lousy business because it's them to pay the bill.

    The best they can do is to have evil traffic blocked before it enters their pipe, i.e. upstream. And that's what the smarter transit providers/carriers do - and do at rather low cost given their scale of economy.

    So, from a hosting providers perspective DDOS protection probably increasingly is a must.
    From my personal clients perspective, however, it is not. But then I' not a highly visible or provoking potential target and my experience tells me that my hosting provider (except very few very large ones) wouldn't be the right party to ask anyway.

    From an average (not very tech-savy) clients, in particular business clients perspective again it probably is important. Those, however, will probably not look at LEB/LET for their VPS.

  • Recently I was DDOSED so moved to a protected server but I would not pay extra for it. I will move to a host with it included but not pay extra

  • I have a few containers that have ddos protection. Some of my websites automatically switch to them when I'm under attack, which is a good setup / trade off so far.

    Thanked by 1netomx
  • jmginerjmginer Member, Patron Provider
    edited February 2015

    Speaking of price, regardless of the need for high capacity network to mitigate the attack, the real difficulty is in finding the perfect formula for mitigating any type attack. There are not "open source" mitigation algorithms (Fight DDoS with iptables is not a good way) and each company offers own solutions made in home. This represents a difficulty finding good solutions and affordable prices.

  • W1V_Lee said: Indeed, however I tend to have sites related to history and other subjects that tend not to be in the path of that type of attack. Others I am close to who have big portfolios in areas of tech, medicine or law seem to get hit quite a bit.

    wych said: I think it was random, then a few high profile sites got hit (suspected competition in those niches) and then recently it appears to be a certain individual that has taken a dislike to me and a few others around here.

    I think the key is to never link your sites to you. @W1V_Lee has some pretty critical comments here from time to time yet no one knows any of the sites he ever owns and you just can't attack a site without knowing what it is.

  • You'll get hit eventually, so it's better to have that cushion of support when it's needed

  • raindog308raindog308 Administrator, Veteran

    TinyTunnel_Tom said: Recently I was DDOSED so moved to a protected server but I would not pay extra for it. I will move to a host with it included but not pay extra

    You pay for it one way or the other.

    Either it's included in a higher price, or it doesn't really exist in which case you're paying for something you don't really get.

  • NyrNyr Community Contributor, Veteran

    raindog308 said: You pay for it one way or the other.

    Either it's included in a higher price, or it doesn't really exist in which case you're paying for something you don't really get.

    Not really.

    Some "too big to care" providers (OVH for example) can just use the exceeding inbound capacity to eat DDoS. Obviously they need some equipment and human power, but doesn't play a big part on the cost.

    Smaller providers (SeFlow for example) do need to buy additional capacity, so they have much bigger costs.

    Finally, you have the big specialized mitigation providers which charge a lot to provide a custom and tailored service.

    But there are some providers where you get real protection with nearly zero additional cost, which is very nice nowadays and wasn't an option just two years ago.

Sign In or Register to comment.