Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Offer: Free Beta Testing - Layer 7 Application Layer Filtering - cPanel Hosting
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Offer: Free Beta Testing - Layer 7 Application Layer Filtering - cPanel Hosting

deployvmdeployvm Member, Host Rep
edited April 2015 in General

Hi LET Community,

Objective: We need members to fully tests all aspects of our platform (specifically the application layer filtering and performance). cPanel is already solid and most users should be familiar with the control panel.

Beta testers' package:

3GB SSD RAID protected space+
100GB Bandwidth+
Unlimited cPanel features
Period: 1 month or less

+Counted only clean traffic/FREE to add more if necessary

Please PM me if you are interested to TEST! You must have a top level domain.

Filtering:
DDoS mitigation occurs at network level through hardware devices. The cPanel server is located inside geodistributed filtration system and protected against all types of DDoS attacks.
Traffic passes through the closest filter. This ensures the shortest route and maximises performance. Filtering nodes include Amsterdam NL, Dronten NL, Frankfurt DE, Kiev UA and Moscow RU.

Protection is guaranteed at 60Gbit/s and several million packets per second. The total filtering capacity is at 1.5Tb/s and 120million pps (as advertised). Common attack types such as UDP, TCP, SSYN, spoofed, ICMP are easily filtered.

Layer 7 filtering: All popular attack types such as HTTP-GET, POST, HEAD, Slow, malformed requests targeted at the webserver are filtered through a cluster/cloud solution. There is also a WAF system analysing the traffic through deep-inspection.

Server is located in Moscow, Russia with public and private peering to major exchanges, RETN, Transtelecom and Level 3.

Webserver: Nginx as the frontend

**Note: We currently have compatibility issues with CloudFlare but we are looking for ways to workaround the problem. CloudFlare rejects our IP by refusing to serve visitors.
**
Please PM me immediately if you are interested.

Thank you.

Comments

  • linuxthefishlinuxthefish Member
    edited April 2015

    What if attacks get through, some plans for dedicated IP so you can nullroute??

  • deployvmdeployvm Member, Host Rep
    edited April 2015

    @linuxthefish said:
    What if attacks get through, some plans for dedicated IP so you can nullroute??

    There will be an option for dedicated IPs later and I can request them easily from my provider but due to the cost, I am unable to offer them on free beta testing.

    It is very unlikely that a significant percentage of the attack will get through the protection but it is possible to modify the protection if an attack succeeds. Nullroute or dropping protection is the last resort.

    The provider prides itself in quality protection, so I doubt an attack that bypasses the filter will be taken lightly. The server is also configured to mitigate basic SYN and HTTP floods at software level if it passes through.

  • Do you maybe offer remote protection so I can just route my server server through your protection?

  • deployvmdeployvm Member, Host Rep
    edited April 2015

    @jakelong said:
    Do you maybe offer remote protection so I can just route my server server through your protection?

    Unfortunately not at the moment. Since we are running cPanel/WHM, it is not viable for me to setup a reverse proxy and pass the traffic through.

    It will be a feature in the near future.

    Thanked by 1lukesUbuntu
  • What filtering are you using?

  • Sadly, when you say your offer ddos protection for free, you'll have people who are in to that test out the filtering.
    1. Filter provider?
    2. Filters against?

  • tomsfarmtomsfarm Member
    edited April 2015

    @jakelong said:
    Do you maybe offer remote protection so I can just route my server server through your protection?

    You can do this with ClamHost from $4m/o with 20Gbps / 12.4Mpps DDoS Mitigation. Including L7 Mitigation :)

    Powered by blacklotus

  • @clamhost said:
    Powered by blacklotus

    Is it possible to use Cloudflare -> ClamHost Proxy -> Server?

  • deployvmdeployvm Member, Host Rep
    edited April 2015

    @linuxthefish said:
    What filtering are you using?

    @KwiceroLTD said:
    Sadly, when you say your offer ddos protection for free, you'll have people who are in to that test out the filtering.
    1. Filter provider?
    2. Filters against?

    The filter provider is DDoS-Guard in Russia.
    As I have stated in the first post, filtering occurs at L3, L4 and finally L7 (application). Popular attack types such as UDP and spoofed (NTP, Chargen, DNS etc) SSYN, TCP, ICMP and others are filtered easily. In regards to application, any malformed or suspicious requests targeting the webserver will be analysed and filtered. These include but not limited to HTTP-POST, GET, HEAD and other artificial traffic.

    Search engines, crawlers, APIs and other legitimate services that generate artificial traffic should be whitelisted already.

    It is more than just testing the protection as the main focus is on performance and stability. We will be looking to resolve any HTTP errors that occurs, legitimate visitors being blocked or compatibility issues with certain scripts.

  • @jakelong said:
    Is it possible to use Cloudflare -> ClamHost Proxy -> Server?

    Yes

  • @clamhost said:
    Yes

    Can you explain how I would go about doing this? It just makes no sense to me what DNS I point where.

  • @jakelong said:
    Can you explain how I would go about doing this? It just makes no sense to me what DNS I point where.

    You would point your domain through cloudflare and then point it to your Protected IP.

  • @clamhost said:

    Ok cool. What happens if I go over the 20Gbit?

  • tomsfarmtomsfarm Member
    edited April 2015

    @jakelong said:

    Nothing traffic will still pass through up to 80Gbps what size of attacks are you experiencing ?

    Having any issues with Attacks email [email protected] so we can help you

  • deployvm said: The filter provider is DDoS-Guard in Russia.

    I'm already upset with you.
    DDoS-Guard is known for hosting the shadiest of shadiest of customers. They're usually protecting things like tf.

  • deployvmdeployvm Member, Host Rep
    edited April 2015

    @KwiceroLTD said:
    DDoS-Guard is known for hosting the shadiest of shadiest of customers. They're usually protecting things like tf.

    I had no idea of that. The IP ranges are 'clean' when doing blacklist checks and from my knowledge, abuse complaints are handled in a timely manner.

    Network and services from DDoS-Guard has been optimal for me, and I haven't encountered any issues yet.

  • @deployvm said:

    You're sharing a network with shady people. I once sent a request for them to disclose the information of the host they're protecting for hosting stolen content, and was given a very very simple response "fuck off"

  • @jakelong

    Depends what location you need?
    https://reverseproxy.pw/billing/cart.php?a=add&pid=3

    From what my mate said they have basic L7 in all locations and premium in Seattle. I got a NL one quite good

  • @clamhost said:
    Powered by blacklotus

    Just curious - do you guys have attack graphs for customers, if there is an attack, I would like to know the size/rate/type automatically.

    Thanked by 1KwiceroLTD
  • tomsfarmtomsfarm Member
    edited April 2015

    @StartledPhoenix said:
    Just curious - do you guys have attack graphs for customers, if there is an attack, I would like to know the size/rate/type automatically.

    You can submit a ticket or contact us via skype to get information relating to the attack. How ever reporting as you mentioned is not implemented as Arbor is still in beta. but it is certainly possible in the future.

  • @clamhost said:
    You can submit a ticket or contact us via skype to get information relating to the attack. How ever reporting as you mentioned is not implemented as Arbor is still in beta. but it is certainly possible in the future.

    I love how you hijacked this thread for your own site ads.

    Thanked by 1tomsfarm
  • sonicsonic Veteran
    edited April 2015

    @KwiceroLTD said:
    I love how you hijacked this thread for your own site ads.

    Me too, I'm looking for @clamhost reviews after reading this topic. Hope to get some positive reviews, their offer looks promise.

  • sonicsonic Veteran
    edited April 2015

    P/s: @clamhost let me know your skype nickname, tks!

  • @sonic said:
    P/s: clamhost let me know your skype nickname, tks!

    Sent

  • @clamhost said:
    You can submit a ticket or contact us via skype to get information relating to the attack. How ever reporting as you mentioned is not implemented as Arbor is still in beta. but it is certainly possible in the future.

    Ill wait then :)

    Thanked by 1tomsfarm
  • deployvmdeployvm Member, Host Rep
    edited April 2015

    Anyone else who is interested to test, please PM me as soon as possible as I am offering only 1-2 accounts more to maintain optimum performance.

  • deployvmdeployvm Member, Host Rep

    Hi LET Members.

    I am looking for testers to test our (remote site protection) for your website. You should have an active website.

    Shared hosting trials closed.

    I will just need your website URL, any subdomains, backend IP/port. Please PM me if interested!

    Currently HTTPS not supported, only HTTP. Basic content caching in offered through multiple filtering nodes in Russia, Germany and Netherlands.

    Includes protection for L3/L4 and L7.

    Thanks.

  • @deployvm said:
    Hi LET Members.

    I am looking for testers to test our (remote site protection) for your website. You should have an active website.

    Shared hosting trials closed.

    I will just need your website URL, any subdomains, backend IP/port. Please PM me if interested!

    Currently HTTPS not supported, only HTTP. Basic content caching in offered through multiple filtering nodes in Russia, Germany and Netherlands.

    Includes protection for L3/L4 and L7.

    Thanks.

    Seems like a reverse proxy :)

  • deployvmdeployvm Member, Host Rep

    @XIAOSpider97 said:
    Seems like a reverse proxy :)

    Yes. It is a reverse proxy!

Sign In or Register to comment.