Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Poll: Would you get extra DDoS Protection for couple USD/mo?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Poll: Would you get extra DDoS Protection for couple USD/mo?

AXYZEAXYZE Member
edited August 2021 in General

If your favorite provider (Hetzner, NexusBytes, netcup, Contabo etc.) which has no/weak/average DDoS Protection would give you option to get better L4+L7 protection for a little bit extra would you get it? Let say level of protection would be high, it would protect your game servers from kids with free/cheapo booters/scripts, but nothing major like 1Tbps DDoS.

Good example of good protection for a couple of bucks is BuyVM where for $3/mo you get Path.net shared DDoS Protection which a lot of people like https://buyvm.net/ddos-protection/

Maybe @Francisco could tell if many users decide to get it? I think this thread should be helpful for providers, because they can estimate how many people are interested in this kind of stuff.

I would happily move all my services from netcup if someone would offer something like this. netcup protection is fine but slow (~1 miunte) to react. BuyVM is too expensive for my needs (2vCPU in BuyVM = $30) so I'm trying to find something in between that has good protection for both game servers and web servers. Something other than OVH.

Extra DDoS Protection for couple of bucks - yay or nay?
  1. Extra DDoS Protection for couple of bucks - yay or nay?123 votes
    1. Yes, I could pay up to $5
      32.52%
    2. Yes, I could pay up to $10
        7.32%
    3. Yes, I could pay up to $20
        7.32%
    4. No
      52.85%
«1

Comments

  • AXYZEAXYZE Member
    edited August 2021

    Why "No" option has no checkbox? o.O @raindog308 could you please fix that? I cant modify poll

    Edit: I removed and added poll once again. It's fine now

  • @AXYZE said:
    Why "No" option has no checkbox? o.O @raindog308 could you please fix that? I cant modify poll

    bc you set it as the subtitle

  • AXYZEAXYZE Member
    edited August 2021

    @SirFoxy said:

    @AXYZE said:
    Why "No" option has no checkbox? o.O @raindog308 could you please fix that? I cant modify poll

    bc you set it as the subtitle

    Yup, you're right. Sorry, it's my first poll. I thought that options are indented, didnt see this subtitle thing is also indented.

    I removed this poll and edited post with new poll. It's fine now.

  • Tried X4B.net?

  • I'll just go with providers that build DDOS protection into their network and everyone just gets it included. Like hosts that are with Clouvider or OVH.

    Thanked by 1Clouvider
  • These protections just a nothing, only advertising tricks to attract buyers.
    How to check if you really protected for your money?

    Thanked by 1JasonM
  • yoursunnyyoursunny Member, IPv6 Advocate

    I'm not gonna pay for DDoS protection.
    It's like buying a condom every month when you don't even have a girl.

    If someone dares to DDoS me, I publish their IP on this forum and ask them to write an apology letter.
    https://www.lowendtalk.com/discussion/comment/3263648/#Comment_3263648

    If they refuse, I tell Santa to put them on the naughty list, and then they'll receive a lump of coal on Christmas.

  • ArkasArkas Moderator

    I'd pay an extra $5 for good DDOS protection.

  • Ian_Dot_TechIan_Dot_Tech Member, Patron Provider

    @yoursunny said:
    I'm not gonna pay for DDoS protection.
    It's like buying a condom every month when you don't even have a girl.

    If someone dares to DDoS me, I publish their IP on this forum and ask them to write an apology letter.
    https://www.lowendtalk.com/discussion/comment/3263648/#Comment_3263648

    If they refuse, I tell Santa to put them on the naughty list, and then they'll receive a lump of coal on Christmas.

    Can you make a link tree ( https://linktr.ee/) with all of the lists you have created?

  • ClouviderClouvider Member, Patron Provider

    @yoursunny said:
    If they refuse, I tell Santa to put them on the naughty list, and then they'll receive a lump of coal on Christmas.

    Just send them Krampus way

    Thanked by 1yoursunny
  • The providers you mentioned have decent enough protection (at the L4 level, at least) to protect you from skids. L7 is a much more intensive attack but you could defend yourself from most attacks by using CloudFare. Botnets, are a different story...

  • It definitely depends on the cost as well as the level of protection you get. I'm happy to pay the $3 a month for BuyVM's protected IP addresses. Paying $3 to absorb terabit scale floods is an absolute steal.

    I don't think I'd be willing to pay more than $10-$15 for protection when there are a large amount of providers these days that get you protection built into the entire network or charge very little for protection in the hundreds of Gbps or higher.

    I've seen providers charge $50+ (sometimes even hundreds) for a fairly mediocre protection capacity. It's not 2011 anymore.

  • I'd like to study ddos some more.

    I figure you could program your own basic ddos protection onto your vps.

    Linux kernel even has some provisions for that.

  • It totally depends on what I'm hosting.
    I have critical customers that would suffer if they were targeted by ddos, so naturally they run ddos protection. But I do not host that kind of customers on lowend providers.
    On lowend hosting I only run things that can handle some downtime, so it really wouldn't make sense to pay extra for ddos protection.

  • It's 2021. Why is DDoS Protection not implemented by default?

  • It depends, If there is no anti-ddos by default, I would pay up to 5 USD extra for some anti-ddos.

    If there is already anti-ddos, for me to pay extra for it, it would need to be much better than the default one.

  • @holden said:
    I'd like to study ddos some more.

    I figure you could program your own basic ddos protection onto your vps.

    Linux kernel even has some provisions for that.

    You can do a fair amount server side to at least try to stop your server resources being exhausted, but even that can only do so much. You'll need your provider to do 99.9% of the work.

  • @rcy026 said:
    It totally depends on what I'm hosting.

    Exactly

  • catscats Member

    You could always get a 512MB with BuyVM and a $3 IP ($5.50/m I think?) and tunnel it to wherever you want, lots of people do that :)

    Honestly it's a good model, I use BuyVM's protection in a few instances and love it. My provider (Nexeon) offers basic protection and higher levels as well, but I'd rather just tunnel what I need via BuyVM in the first place.

    Thanked by 11nf
  • yoursunnyyoursunny Member, IPv6 Advocate

    @yoursunny said:
    If someone dares to DDoS me, I publish their IP on this forum and ask them to write an apology letter.

    Today's naughty list:

    sunny@vps4:/var/log/caddy$ jq -c '.request|select((.uri|startswith("/?")) and (.uri|length>32))' yoursunny2017.log | head
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?4219983937691R94918000013lv264342001456L190090422159J"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?e243223971308i1865180989500d230113399602E230559059937N"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?g42965230375x2027719986897g151615498116y251350333407d"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?429026075569n120159145757nY107085057568d243759469002Y"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?a11839647591h893948212472u127910872586S2170796230270"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?s87987754770p189413413547IV150583011492Y139925524904o"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?3155316219009T159574496673qO1642633488696174720877191a"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?s165888957661124945652957p&46160373293h259761910105G"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?u105383876555W66232289427Mu36924709724r161962121559V"}
    {"remote_addr":"144.202.103.75:45641","proto":"HTTP/1.1","method":"GET","host":"yoursunny.com","uri":"/?w59230458822y1180948379016k175857424901O4531280353i"}
    
    sunny@vps4:/var/log/caddy$ jq -r '.request|select((.uri|startswith("/?")) and (.uri|length>32))|(.remote_addr|sub(":[0-9]*$";""))' yoursunny2017.log | sort | uniq -c | sort -rnk1 | head
        369 147.135.114.12
        217 192.111.129.150
        179 103.214.146.185
        159 185.107.82.164
        141 166.111.81.80
        130 198.37.103.70
        129 109.237.214.239
        128 106.75.173.103
        117 67.201.33.10
        112 144.202.103.75
    

    My website was down for an hour because kernel OOM killer killed Caddy server process after these requests ate all the memory.
    I have added auto-restart configuration, so it would recover automatically next time.

    sudo systemctl edit caddy.service
    [Service]
    Restart=on-abnormal
    RestartSec=10s
    CPUAccounting=yes
    CPUQuota=10%
    MemoryAccounting=yes
    MemoryHigh=96M
    MemoryMax=128M
    

    But then, if you see your IP on the list, please stop hiding in the shades.
    Strong people shall come out and duel at dawn!

  • @yoursunny said:

    @yoursunny said:
    If someone dares to DDoS me, I publish their IP on this forum and ask them to write an apology letter.

    Today's naughty list:

    But then, if you see your IP on the list, please stop hiding in the shades.
    Strong people shall come out and duel at dawn!

    I see somebody else is fighting that fight.

    My network does the same, though it's mostly for layer 3/4 attacks as opposed to HTTP ones. We've reported close to 7,000 IP addresses in the last week or so (3-4k of those being emails + AbuseIPDB, and the rest being solely AbuseIPDB)

    We don't always get a response, but it's nice when we get a notification from a university telling us they've stopped one of their devices being used as a reflector, or when a cloud provider notifies us of action against the customer abusing them.

    Thanked by 1mythicalkitten
  • oplinkoplink Member, Patron Provider

    We debated charging for dos protection as a line item when we rolled out. We ult, decided to included it as a selling point with all our services. I think dos protection moved into the position that good providers offer it included or baked into website price.

    Think about it..
    Why would a provider leave IP unfiltered? It's a potential risk to everyone in that rack or vps node. Companies who offer on/off function for dos protection is a gimmick. Filtering sits in front of your core uplinks and watches all packets.

  • @cats said:
    You could always get a 512MB with BuyVM and a $3 IP ($5.50/m I think?) and tunnel it to wherever you want, lots of people do that :)

    Honestly it's a good model, I use BuyVM's protection in a few instances and love it. My provider (Nexeon) offers basic protection and higher levels as well, but I'd rather just tunnel what I need via BuyVM in the first place.

    this can be use to protect layer7?

  • GhtGht Member

    Actually Protection is the main thing of a Server. If the server costs $20/m the protection should cost $200/m , DDoS Costs money and in these forum no one can afford DDoS protection. i see everyone who wants $5/year servers , an ipv4 costs $2/3 idk how anyone can handle selling servers for $5.

  • @Ght said:
    Actually Protection is the main thing of a Server. If the server costs $20/m the protection should cost $200/m , DDoS Costs money and in these forum no one can afford DDoS protection. i see everyone who wants $5/year servers , an ipv4 costs $2/3 idk how anyone can handle selling servers for $5.

    IP is less than $1.5 in bulk (/24 and bigger). Providers that use Hetzner for instance have some sort of DDoS protection already included in the low pricing of their server at Hetzner. Decent protection like full Corero or Path.net is available at additional price at most providers offering in this price range. I can't image another way than using the default datacenter protection for these prices.

  • skorupionskorupion Member, Host Rep

    @webcraft said:

    @Ght said:
    Actually Protection is the main thing of a Server. If the server costs $20/m the protection should cost $200/m , DDoS Costs money and in these forum no one can afford DDoS protection. i see everyone who wants $5/year servers , an ipv4 costs $2/3 idk how anyone can handle selling servers for $5.

    IP is less than $1.5 in bulk (/24 and bigger). Providers that use Hetzner for instance have some sort of DDoS protection already included in the low pricing of their server at Hetzner. Decent protection like full Corero or Path.net is available at additional price at most providers offering in this price range. I can't image another way than using the default datacenter protection for these prices.

    hetzner charges 2 usd per ip per month so no. Addicionally renting ipv4 is 6+ bucks per year with /24. Stop posting bs figures.

  • @Ght said:
    If the server costs $20/m the protection should cost $200/m

    Not in this day and age.

  • GhtGht Member

    @Courvix said:

    @Ght said:
    If the server costs $20/m the protection should cost $200/m

    Not in this day and age.

    So you can find me a server $20 that has Full DDoS Protection ? Bruh stop it , just grow up i said this is a costly sport , and no one here can handle to pay for Protection :)

  • @Ght said:

    @Courvix said:

    @Ght said:
    If the server costs $20/m the protection should cost $200/m

    Not in this day and age.

    So you can find me a server $20 that has Full DDoS Protection ? Bruh stop it , just grow up i said this is a costly sport , and no one here can handle to pay for Protection :)

    Yes. There are too many to count.

  • no it should be free.

    on that note condoms should be free too.

Sign In or Register to comment.