New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Do Hetzner IPs get DDoS'd more frequently?
It's a relatively frequent complaint, but I can't tell from user reports if it happens more often to the sort of users that Hetzner attracts, or if their IP range really is a more frequent target for DDoS attacks. Also they appear to have implemented DDoS protection since September/2016, but it doesn't say how much it can protect against.
Comments
I think their policy is more so like "we'll protect you until we can't"
Well, I don’t think a hosting company per se attracts attacks. It’s the content the user’s host that does, as such this question with relation to Hetzner specifically is irrelevant.
Much providers will get attacked also caused of advertising their very best and unbeatable super strong and reliable ddos protection.
Thats the best reason for some kiddies to test their promise.
Well, what? I've been with Hetzner for like 10 years and all i got was a single DDoS. As far as Hetzners clientele goes i always was under the impression they were rather quick at removing people that caused trouble. Even if those customers weren't to blame for it directly.
I like hetzners strategy to quietly handle such things, seems like a reasonable, working approach.
Hetzner in the past had no DDOS protection and had a reputation for booting customers who got DDOS'd. They have DDOS protection now. I don't know how good it is, but I guess they found it is impossible for a host their size to get along without any. Something similar happened at OVH though I'm hazier on the specifics.
Yeah, their official approach to DDoS used to be "we don't want DDoS magnets" and i doubt this has changed to much even with the protection in place now.
With 1 attack/~10 years you can hardly call me magnet so i guess it's not much suprise that when i finally got hit all they did was send me an automated email containing a couple of logs and told me there was nothing to be done on my part but if the attack would impact their network they might block the server (nullroute i guess) but in that case they'd contact me again.
Looking at tcpdump i saw the occational packet slip through but either the attack was really short or their filters got smart to it after a while. No idea how long it lasted in the end. They never contacted me about it again. According to the logs they sent it was just a miserable ~500mbit/s anyways so Hetzner likely couldn't have given much less of a shit.
Game servers enough said
OK, so if I haven't had a DDoS problem thus far on other hosts (also for 10+ years) it's not likely to be self-sabotage if I move over to Hetzner?
If you don't attract DDOS then Hetzner should be fine. It might be iffy if you run DDOS magnets like game servers. I'd start with an hourly VPS to make sure the network is adequate for what you're doing. In particular the transatlantic speeds are pretty bad. I back up my Hetzner server on a Kimsufi in France which works fine. Then if I want to transfer something to the US, it's faster to get it from the Kimsufi than from Hetzner, even though the Kimsufi has a 100mbit port.
For my own uses, this is slightly annoying but not so bad that I can't live with it. But if I depended more on transatlantic network, I'd go with OVH over Hetzner even though it means paying more.
Yeah, kinda but it still depends a lot on the game and administration. Admittedly the server that drew the DDoS for me was gaming related. Reason even was the stereotypical 13 year olds fighting.
Don't worry it'll be fine.
Yeah, that's pretty much the rule of the game. Like in the case of Krebs on Security; he had 3rd party DDoS protection, but when he got nailed with a mega attack the provider just bailed on him.
Then big ol' Google stepped in.
I'd start with an hourly VPS to make sure the network is adequate for what you're doing. In particular the transatlantic speeds are pretty bad. I back up my Hetzner server on a Kimsufi in France which works fine. Then if I want to transfer something to the US, it's faster to get it from the Kimsufi than from Hetzner, even though the Kimsufi has a 100mbit port.
Hmm interesting, I hadn't read too many network complaints about Hetzner until now. I have well over half of my users in the USA, but the rest are scattered all over the continents. I'll test that aspect of it a bit more first.
This is one of the reasons we try to avoid publishing exact information about our DDoS protection systems and what it's capable of. If you have specific suggestions for how you think we could improve our DDoS protection system, you can write a support ticket to our networking team. Your input does help us to improve it, and our team is constantly working to make it better. --Katie, Marketing