Portal Home > Knowledgebase > Articles Database > Proxy DDoS protection - UK Server
Proxy DDoS protection - UK Server
| Posted by asmalley, 06-24-2016, 08:21 AM |
|
Hi guys,
Just wanted your opinion really on proxy DDoS protection. We currently host with UKServers.com but we are fully aware they Null Route the IP if any DDoS attack occurs. With our server being based in the UK I assume there are some limitations to who we can go with for the protection. Does anyone have any suggestions out there for me to look at? Please feel free to fire away on this forum post. I would like to mention that we use the server for web hosting accounts - most being on a shared IP with some taking a dedicated IP option for the likes of SSL certs.
Kindest regards,
Ash
|
| Posted by Zixxel, 06-24-2016, 08:28 AM |
|
1. Find a good provider, maybe with their own good DDoS protected networks.
2. Partner with Cloudflare, and offer this to your own clients.
3. Any budget for this?
|
| Posted by asmalley, 06-24-2016, 08:44 AM |
|
Hi Zixxel
We have partnered with CF using their program. In fact we have their API configured in WHM so customers see this in cPanel. Our budget is around $100-200 per month.
|
| Posted by HostWithLove_Cody, 06-24-2016, 04:18 PM |
|
What size of attacks are you seeing?
With the budget at between $100-200/month, it may be tough to find remote DDoS protection on top of your UKServers hosting fees. My suggestion to you in the other thread had been to simply switch to OVH which is within your budget and also provides extremely good anti-DDoS protection. The ping response difference is probably around ~10ms.
|
| Posted by Maple-Hosting, 06-24-2016, 06:29 PM |
|
Just make sure you read OVH reviews before you do that and make sure you know what to expect. (Not hinting anything, just saying).
|
| Posted by Mister Bark, 07-09-2016, 02:21 PM |
|
I think you may wanna look into Incapsula
You don't need the DoS protection to be at your hosting company.
Basically, you set your domain to Incapsula's ip address, no one knows the address of your server.
Then all you have to do is DROP in iptables on your server everything except what comes from Incapsula.
The only thing is that you will have to look at X-forwarded-for to get the ip address of the client.
|
| Posted by MaxConsulting, 07-09-2016, 07:49 PM |
|
It depends, his datacenter, his rack or his server, can still go down during direct attacks, and knowing he is in uk-servers it is not so hard to cause trouble, once you find the right subnet to cause problems.
|
| Posted by Mister Bark, 07-09-2016, 07:55 PM |
|
I really don't see what kind of troubles you can have when you have a DROP policy in iptables, no answer to ping, etc. If you do things well what the machine can handle is way beyond what any network can handle...
Now, if the network itself is weak that's another story, but that has nothing to do with his server then... And anyone taking down a pro hosting network would have A LOT of bandwidth...
But yes, after all if you have in your hand the connection of a couple big universities it's all over for him
|
| Posted by MaxConsulting, 07-09-2016, 08:26 PM |
|
Capacity troubles, yes. And do not underestimate this, because it is already a reality, there are many "black hat forums" providing such services at a relatively low cost...
|
Add to Favourites 
Print this Article
Also Read
