New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Best Layer 3/4 Protection for the price?
Becomeanvillain
Member
in Help
Any suggestions?
Comments
null routing
Is layer ¾ in the OSI stack, metaphysical or interdimensional?
It's located in the server cabinet on Platform 9¾.
The best protection is at level 1. Unplugging the network cable will block 100% of attacks.
That depends on what you mean "for the price" ?
If you could give us a realistic price range, then we can work out the best Mitigation within that range.
Also, how do you want to consume the protection?
VPS Hosting, GRE Tunnel, BGP Session etc?
@dbContext
I'm looking for an alternative to Cloudflare as a reverse proxy for a server.
By "for the price" I mean the lowest ratio of $ to GB. I'm unaware of a what a realistic price range would be as the services I've so far researched don't explicitly list whether they offer Layer 3 or Layer 4 protection.
What's a price that qualifies as a good and realistic deal?
You can't find anything better than Cloudflare for your $ as CF has free plan with unmetered protection. If their protection fails it doesnt mean paid ones will 100% protect you, you need to specify what exactly is wrong with CF.
For example if your have web and mail on the same server then you can easily get original IP of your machine by MX record, thus Cloudflare or any other provider wont help, as your original IP has been leaked.
I don't know what is wrong in your case but my two golden rules in case of problems with attacks:
Extra suggestion: If your provider has firewall in panel (like Hetzner) then use it instead of doing it via iptables. Attacks wont use your VPS resources that way. Hetzner supports up to 80k connections via firewall tho, so idk if this is always good idea - I didnt get any DDoS in ages so I can only speculate on that one...
Specify why you need alternative first, get us more info.
If you just want alternative then check DDoS-Guard, they have free tier.
@AXYZE
I've already listed my issues with CF in a previous post (https://lowendtalk.com/discussion/178577/alternative-to-cloudflare/p1). I'm well aware paid ones aren't a panacea.
I already have a solution for MX records, so I'm not particularly worried about that. I just want to know what options with Layer 3 or 4 protection are available and what the expected prices are.
Sidenote: DDOS-Guard may have problems as well (https://www.bankinfosecurity.com/blogs/for-sale-full-source-code-dump-ddos-guard-service-p-3067)
So you're worried that Cloudflare decrypts traffic on their end right?
"I'm looking for an alternative to Cloudflare as a reverse proxy for a server."
Every single reverse proxy/CDN will decrypt your traffic. They need to see traffic to do their work.
Solutions are:
Why are you worried about CF decrypting data in first place? They have just decrypted data and they are very well known provider which wont be hacked easily - can you say the same about your VPS provider which not only sees all of your traffic, but also has 100% of your data?
I know, privacy, privacy, privacy... but lets be serious, if you are doing something "interesting" then CDN should be your last worry. VPS provider has way more info and probably they have way worse security. Small black box to your server, nobody notices etc. Even if you will build your own reverse proxy it wont help at all in that case.
IDK what exactly youre hosting but if youre worried about CF then just host on TOR. Other provider wont help if you are creating such problems.
That's not actually what you're looking for though, as the plans with the lowest $/GB will usually be the most expensive plans with large commits, as bandwidth is cheaper in bulk. I guess you're looking for the best value within a particular price range.