New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Get a better host with ddos protection.
What type of attack? If you're hosting websites you need something.
Any solutions you put in front now such as CloudFlare probably won't be worthwhile as they'll just directly attack your server IP address. Best bet is to look for a provider who offer DDoS Protection as part of their services/as an option.
What kind of attacks and what size of attacks are you seeing?
Take BuyVM, they're using clouldflare magic transit or php-friends.de
How do they know your origin server if it's behind reverse proxies like Cloudflare?
He is planning to protect existing VPS/unwilling to spin up a new one from backup, I guess.
No effort needed to unleash real ip.
Existing server without IP change = same IP as before behind CloudFlare.
All revealing dns records like MX are set to outsourced services. No reverse records. Domain registrar with privacy protection.
It turns out that ipv4 address space can be scanned for SSL/TLS certificates and it can be prevented by using ipv6 with dumb self-signed certificate.
What's next? Digging DNS historical services? Checking favicons?
Having a buddy in a secret service?
We currently have a $7 deal available on the budget line if you don't use much bandwidth.
Just buy a vps from php-friends.de , and sleep well
@PHP_Friends
ovh vps
There is many method to protect.
first you should understand what kind of attack it is, Layer 3,4 or 7?
Then, for layer 3 and 4, the best option is to go with a provider that include that.
Layer 7 you will always need a little bit of configuration for each domain to put a protection in front of the server, but that can be semplified.
we take care of both, in case you can contact us.
I agree with the other commenters that the simplest solution is to switch to a host that provides DDOS protection at the datacenter-level (like we do)