New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
OVH, Hetzner or Contabo for DDoS Protection?
Hello,
I've been out of the game for a few years, but recently some of my projects have caught on and I think it's time to move away from DO. There has been a few smaller attacks the last few days. It's mostly non-profit projects so I'm currently considering something cheap from either OVH, Hetzner or Contabo.
Which one has the best protection?
Comments
I think that the best DDoS Protection has Contabo. A few seconds and the DDoS is blocked and your IP nullrouted.
From the mentioned def OVH, but I would recommend buyvm maybe or @Clouvider
OVH of course.
ovh, nfoservers are good cheap options
Exactly. They have no ddos at all...
All providers call nullroute the IP address of your server, so they are not unique with their DDOS protection 😂
They do it’s called unique technology 😂
OVH, but path would be better
i would suggest iHostART. he has a dedicat mikrotik for ddos protect.
OVH > Hetzner >>>>>>>>>> Contabo
If you want longterm solution then check PHP-Friends and netcup.
Hetzner is good for random projects, because of very fast provisioning & hourly billing & cheap block storage. OVH hosting/vps are worse in price/performance than PHP-Friends and netcup. Netcup works really good for websites, but its not that good for UDP traffic ex. game servers. Contabo will nullroute your VPS so basically it will be unreachable to anyone as long as its DDoSed. Its not protection at all, they are bottom-tier provider in terms of money so they need to cut a lot of corners to be sustainable. If they would provide something better then they would be bankrupt. Contabo works good only if you need burstable CPU performance, plenty of SSD, lots of RAM at low price.
I found that PHP-Friends has best network (2x lower ping to Poland vs Hetzner/netcup) and because, they are smaller company they care about single customer. 3 more weeks and I will use them for big production site, because they are the best in terms of what you get for low amount of money.
I’ve used them before, but everything is in German which is a pain.
Use google translate, but the solus panel is in english, that's fine.
Try netcup, good option.
How is their support? I’m guessing better then the 3 providers I mentioned?
OVH has no support at all, this will be confirmed by any user.
But each german provider has kinda equal support.
I would say if you wish better support go with @Avoro
They are using same DC/Network/Hardware as php-friends, but i would say i liked their attention and support to me much.
Why Avoro doesnt even have Ubuntu 20.04? Only 18.04. Veeery long time from release. No Debian 11 or CentOS 8 too. Default OS is CentOS 6.5 wtf
We have Ubuntu 20.04, but not yet officially on the website. Debian 11 is still coming of course, but we are working on an alternative (new vServer generation) with high performance Ceph cluster and much more
Right now yes, but maybe there is also something planned?
They have dedicated cores or threads?
ovh recomanded
Contabo suspended VDS / Dedicated server for received ddos attack
You should have CentOS 8/Alma/Rocky and Debian 11 by now.
Ubuntu 20.04 was released 1.5 years ago... Half year more and we will have 22.04. It gives impression that your company is out of business from long time. I understand that you need to make template, modify site etc, but it cant take 1.5yrs, all OSes that are visible on page are outdated.
Your offer seems great, but even if I would want 18.04 then still lack of 20.04 today is red flag.
@AXYZE Not defending anyone, but I don't see any issue just to make an upgrade from 18.04 => 20.04, i would say. Still at my work mostly colleagues uses 18.04 as projects are long time with us and they are kinda big, so not easy to migrate without issues
Ofc you can upgrade, but if company that sells VMs is 1.5 years behind OS release schedule then its kinda weird right? And that's just Ubuntu, CentOS 8 isn't available too and it was released in 2019, 2 years already passed.
CentOS 6.5 is EOL from 1 year and its default choice, so if you visit Avoro website you can think that they abandoned site a long time ago or company doesn't exists anymore.
It's not that hard to add OS template, so I'm interested why its taking so long
@Avoro what's the reason for it? Billing panel, automation or just nobody requested it?
If you want effective Anti-DDoS, check out fastpipe.io (combahton), i heard good things about them from other providers like zap-hosting
Does Netcup have DDoS in their network built in?
I really do like OVH. Who cares whether they provide support?
I rarely needed it. About 10 years I've used them for various projects, only one time I needed support. That was like 9 years ago.
If you need tech support at OVH, you are doing something horribly wrong.
They reroute traffic through Anexia infrastructure when they detect attack. Its not on-prem. Like I said good for websites, not so good for game servers.
Thanks for mentioning!
Indeed, we got filters for most common games and teamspeak, pretty large FiveM gameservers for example use our network / ddos protection. For most of them, we have caching as well as challenge response in place, happening on our ddos-filters.
Using our APIv3, customers can gain insights in the mitigation process, e.g. bad traffic metrics / accepted traffic / sflow samples to adjust filters for their application by setting individual flexrules.
Just for interest, do you provide ddos-filters for https://rage.mp and https://altv.mp/ as well?
Do you allow GRE tunnel or vpn server on your Cloud Servers (VPS)?
Where can i find a list of supported games/protocols for AntyDDoS?
Do you have some proxy protection for HTTP?
Nothing specialized yet, both are on our todo
Both Port 80, 443 and 8443 are covered, FiveM on Port 3000-32000 has a special filter which protects against Layer7 attacks using http - we also terminate SSL, making servers imune against http centric attacks.
You can find more on https://wiki.combahton.net/antiddos.html
GRE Tunnels are of course allowed, please keep in mind - GRE needs to be whitelisted seperately using flexrules. GRE wont work under DDoS-Protection without whitelisting, we discard all non ICMP/TCP/UDP traffic by default.
just gre tunnel the traffic through all 3, problem solved.