All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
[DE] Choosing the right DDoS protection provider
Hello,
I am looking for a DDoS protection provider focused on game server protection (MC, FiveM, TS3, Arma, CS2/1.6, ...) with PoP in Germany.
I have heard about:
1) Gcore, which offers asymmetrical protection, there are some attacks that can leak, but they are expensive, hoever they can defend like 98% of attacks
2) NeoProtect, seems quite cheap to me, have not heard a lot of about them
3) Cosmic Guard - I heard their protection is not really working, many attacks can go in and in my opinion they don't have a PoP in Germany
4) PletX - they owner hardly ever responses, which is no-go for me in case no communication from the owner
5) Path.net - Quite good filters, but they have been going trough some drama from what I have seen
6) CubePath - I have not heard anything about them
Are there any other providers of DDoS protection you would recommend for Game Server protection (for hosting purpouses). I prefer quality and stability for which I am willing to pay more.
Thank you all guys for your recommendations.
Comments
I think you need to set out a clear budget and figure out who can even provide you service within that budget and your constraints. If your budget is $50 a month, you're going to be quite limited. You'll also need to figure out if the way the provider bills makes sense for you!
Hello, my budget is not quite limited, however about 2€/Mbps/95th%/month/incoming traffic is around my max budget.
We're running points of presence in different datacenters (Digital Realty, Equinix, ...) across Frankfurt am Main, Germany. Application profiles for Minecraft, FiveM, Teamspeak 3, Arma, Steam (basically all CS) are available and can be applied with customizable filters using our API (flexrules).
Definitely reasonable! Depending on your commitment size, also consider reaching out to some vendors to see if their list pricing can be discounter. June is the last month of Q2/H1, so "they might be willing to do deals they normally don't do" as they like to say
Thanks guys, I was more likely looking for some experience/feedback with providers, since a lot of guys can tell about themselves that they are the best, but I wanted to hear the reality
For MC I can tell you https://tcpshield.com/ is pretty decent.
https://blog.tcpshield.com/
On September 6th 2023 at 20:13 UTC, TCPShield successfully detected and mitigated a record 250Mpps assault against a Minecraft community in eastern Europe.Only MC they do. If your hosting just try it, they have a free trial after all.
Voxility
Aurologic is perfect for Germany even with their basic configuration of filter rules
You can customize their rules to your liking , would suggest Aurologic
Maybe check out as203446
IP-Projects has a great DDoS Protection with its own filtering center in Frankfurt - AS48314
https://ip-projects.de/en/server-feature/ddos-protection
When you need DDoS Protection and Support on it, we're the right choice.
By default, MC, TS3, FiveM (Layer 4+7), and Source Engine servers are protected.
More information is available at:
https://docs.packets-decreaser.net/
EvoShield by Evolution Host provides advanced application layer protection for a wide variety of gameservers, including all the ones you have mentioned.
This protection can be applied remotely to your current hosting provider via our remote DDoS protection service: https://evolution-host.com/remote-ddos-protection.php
Or locally inside of one of our DDoS Protected VPS: https://evolution-host.com/ddos-protected-vps.php
Here's an example of how you can add various protection profiles: https://evolution-host.com/images/evoshield-panel.gif
Feel free to reach out if you have any questions.
It's just scam
Go for the provider who has the biggest uplinks/peers.
Buy dedicated server with strongest cpus. Dont use shared or vps.
If some asshole wants to bring you down he will.
Depending on your budget, we might fit your needs.
We charge $1.50/mbit for remote filtering with tunnel over GRE or WireGuard with a minimum 25Mbps commitment, and we go down to $1.25/mbit with cross-connections with a minimum 100Mbps commitment.
On physical cross-connections, if you only require our volume filtering and want to do your own filtering, we charge $1.15/mbit with a minimum 250Mbps commitment, with port sizes up to 100Gbps.
Feel free to shoot me a message, or open a ticket to learn more
- https://terabit.io/
Sorry, this wasn't the experience we hoped to deliver; however, we aren't providing any kind of customer support to third parties(customer to a customer). If that was the case you should contact your service provider, and we will reply almost instantly on them. And I assume that's the case with all other protection provider.
Would also like to clarify that we provide support to direct clients via multiple platform; Email, Slack, Telegram and Live chat.
Again, if you would like to become a direct client, you may contact us again and we would be happy to answer you immediately. If that was the case already please accept our apologize!
Hello,
I've tested every provider you mentioned — the only one I'm not know is CubePath. While Path.net is actually quite good, we experienced serious issues with attacks coming from IPs that were supposedly whitelisted. That was a problem for us.
Most recently, we purchased a server directly from a provider using NeoProtect / Path.net. Even though their filtering was solid, it still wasn’t effective enough for our needs — even with the filtering in place.
At the moment, Voxility seems to be the best option. However, there's a strange issue: if an attack targets one of their subnets (for example, 5.254.x.x), other unrelated IPs are also affected. I brought this up to them, but they insisted that such a thing is technically impossible — which is odd. Aside from this issue, Voxility currently appears to be in the best position.
We left you a message, but we didn't get a message back from you, it's a sad situation
Voxility does not have TCP authentication and they mostly use blocklists for attacks that are not standard DNS or NTP Amp. Their mitigation consists of a few payload checks and UDP rate limits. That would all be fine, but not for that pricing.
They advertise a "Standard" and "Premium" network. Their premium network is anything but premium. Packet loss in the evenings and constant issues.
Their NOC is fast to respond, but they have to forward everything to their "Anti DDoS" department.
Their IX presence is laughable considering their size.
Their DE-CIX port is congested every day.
Almost no one is using them anymore except 200 networks that are 90% small ISPs that probably never receive DDoS attacks. So all these customers are never going to see the problems.
Hello,
I'm glad to see you again.
Voxility’s protection has been sufficient for our use case (excluding sub-allocated IPs) — primarily TeamSpeak 3 servers and some game servers. Of course, this is just my personal opinion and based on my own experience. I'm still currently hosted with Voxility and just sharing what I’ve observed.
Yes, there are occasional packet loss issues, but they tend to be regional and usually occur in the evenings or mornings (not consistently, though).
I do agree that Voxility can be quite expensive, and I’m sure there are other providers offering decent protection at lower prices — with the right research.
For what it’s worth, I also tested SmartNet (through PacketSde***) and personally wasn’t satisfied with the protection there.
If you know exactly a company that provides a real protection, it is better to share it, you can also help the subject owner. (Real Protects)
My comment is based on a personal experience with Voxility from 2018 to 2023. The comment has nothing to do with SMARTNET, nor was it an intended advertisement.
The only reason why I posted this comment was to warn other people from signing contracts with Voxility. They run the "We don't care" policy throughout their entire company.
We have tried almost every company OP mentioned here to use as upstream/pre-filter in the recent years, @jh_aurologic is the best one so far, plus their PoPs are mainly in Germany so connectivity is also okay. Thanks to their customizable dashboard, you also can set everything as you wish wih Flexrules regarding your needs, so we recommend them.
Voxility also was fine when we try them, however, they block Asia - or at least thats what we saw, Indonesian ISPs were blocked when protection is activate.
I recommend going with Aurologic or AS203446/Smartnet. I recommend configuring their firewalls to better mitigate attacks. If you’re unsure how to do this, consider reaching out to their support team or hiring someone with the right expertise. I’d personally recommend running your own, even if simple, XDP-based protection behind any provider, but given your situation, I’m guessing this might be outside your area of expertise though. If you have a decent budget, I can connect you with one or two people who could help. Just let me know, I’m happy to do it.
Just a fair warning, aside from Voxility and the less reputable “comm-kid” protection services replying in this thread, there aren’t major issues with the other providers listed here, like Terabit, for example. Keep in mind no protection solution is perfect out of the box. The best option is the one that offers the most flexibility in configuration and strong support.
What do you think about neoprotect? Do they just resell the protected data packet network? Or do they have their own filters and protection?