All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
L7 DDoS Protection
Hello LET,
So been doing some research into this due to attacks taking down a site I run recently, key things to note, I run CF in front of the site (the sites main IP has never been linked directly to DNS only ever proxied via CF)
All requests must come from CF currently and all else is blocked via a firewall (OVH VPS) obviously the user's real IP's are passed etc.
So my main question, does anyone have a recommendation for actual good L7 protection and what are your own experiences with the service you would recommend
Services I have already tried and they do not seem to block:
-OVH (Only normal VPS no game firewall)
-X4b (I tested this with the most basic setup but as soon as it kicked in i got a continuous reload loop on verification page, although I will admit I did not do much in terms of seeing why it did this or fixing it)
-Hetzner (Do not even want to get into it)
-Netcup (had a VDS great until my site got attacked and no help)
I do have a BuyVM VPS but not a protected IP so am very open to hearing if that is worth the extra specifically for L7
-Blazingfast.io (Not yet tested this, but have reached out to their support for more info on protection on the VPS they offer so would be open to people experiences)
Comments
Hyperfilter is great at L7 protection,check them out.
https://www.hyperfilter.com
Thank you, have you used them personally if what are your thoughts
I use them to this day, my game server (DELL-4) is under GPM filters and my website is routed through L7 proxy on secondary IP. They individually adjust your filters based on your attack patterns for you in order to resolve the attack,if "out of the box" settings aren't enough. Their webhosting has prolly really good out of the box filters.
I am very happy with their service,but price is far from low-end. If they can't solve your problem,they refund you.
best would be ddos-guard probably as "non-bypassing" goes, other than that free cf is fine for 99.9% use cases if properly configured, the $20/m plan is even better
Cloudflares is great, but needs fine tuning for your specific site.
I think they use Path, and is a cheap thing to try.
I agree with you here, I have been able to fine tune a lot of things just by watching traffic and looking into attack data however I have yet to pay for Cloudflare, and they obviously do a lot for the fact it is free I manage to fine tune it a little more every attack so I wont complain about them.
Thank you to anyone who gave a reply, I now have a mix of Path, Ionos (Funnily their UK protection is rather good) and some other stuff, sounds like a cluster F*** and it would be for most but works well for the application.
The paid tiers of cloudflare offer better filtering options than the free tier.
We've got DDoS protection that's ready to handle L7 attacks and more.
If you're interested, you can get more familiar with our service here: https://vsys.host/ddos-protection!
In case you have any questions - contact us via LiveChat on our website or write to us at this email: [email protected]
A little far out my budget but appreciate you mentioning it, I now have a mixture of hardware, software and cloudflare (took ages to find good settings)
>
You can ask us a custom L7 HTTP/S PROTECTION, it costs €16,90/month (€20,62 vat included) and it's added to your VPS. We'll protect your website and your VPS IP will have our custom https antibot challenge. But you need to keep it below CF to be L4 protected, too.