2015-04-07, 08:42 PM
2015-04-07, 11:29 PM
Shared hosting generally won't give you DDoS protection because a powerful attack could inconvenience other customers on server by outright flooding in inbound connection.
I know that OVH has reasonably good DDoS protected servers. In addition, do not use cPanel if you currently are, because the Apache config options with it suck if you're being attacked.
I'd use a 2GB OVH Cloud Server with its basic DDoS protection (free), nginx and php-fpm, and put it behind Cloudflare or Incapsula.
What kind of rates are you seeing when you're under attack? I know that this has worked well up to ~500-800Mbps.
I know that OVH has reasonably good DDoS protected servers. In addition, do not use cPanel if you currently are, because the Apache config options with it suck if you're being attacked.
I'd use a 2GB OVH Cloud Server with its basic DDoS protection (free), nginx and php-fpm, and put it behind Cloudflare or Incapsula.
What kind of rates are you seeing when you're under attack? I know that this has worked well up to ~500-800Mbps.
2015-04-14, 09:03 AM
(2015-04-07, 11:29 PM)Josh H. Wrote: [ -> ]Shared hosting generally won't give you DDoS protection because a powerful attack could inconvenience other customers on server by outright flooding in inbound connection.
I know that OVH has reasonably good DDoS protected servers. In addition, do not use cPanel if you currently are, because the Apache config options with it suck if you're being attacked.
I'd use a 2GB OVH Cloud Server with its basic DDoS protection (free), nginx and php-fpm, and put it behind Cloudflare or Incapsula.
What kind of rates are you seeing when you're under attack? I know that this has worked well up to ~500-800Mbps.
Ovh's firewall will basically drop almost all network attacks so it works somewhat well for larger attacks than that lol.
But Ovh wouldn't help you much at the 7'th layer which is what he is getting attacked at as shared hosting has no way to see whom is getting attacked network wise unless they have dedicated ips assigned to each costumer which I doubt.
So like you said, throw up cloudflare in front and push it to "I'm under attack" when you need it even though it's easy to bypass.
2015-04-15, 12:22 AM
Quote: Ovh's firewall will basically drop almost all network attacks so it works somewhat well for larger attacks than that lol.Right, I meant that I had tested it myself up to that point just fine, not necessarily that it was the max.
Quote: But Ovh wouldn't help you much at the 7'th layer which is what he is getting attacked at as shared hosting has no way to see whom is getting attacked network wise unless they have dedicated ips assigned to each costumer which I doubt.
At some point, it becomes a bit of a network layer problem if there are enough requests, so it could help in that respect. But, I agree, there's more to it than just using a different provider.
2015-05-09, 08:05 AM
(2015-04-07, 11:29 PM)Josh H. Wrote: [ -> ]Shared hosting generally won't give you DDoS protection because a powerful attack could inconvenience other customers on server by outright flooding in inbound connection.
I know that OVH has reasonably good DDoS protected servers. In addition, do not use cPanel if you currently are, because the Apache config options with it suck if you're being attacked.
I'd use a 2GB OVH Cloud Server with its basic DDoS protection (free), nginx and php-fpm, and put it behind Cloudflare or Incapsula.
What kind of rates are you seeing when you're under attack? I know that this has worked well up to ~500-800Mbps.
Whilst I partially agree about Apache and DDoS attacks, I have to disagree about your cPanel statement. There are plenty of options available (such as Nginx, nginxcp.com is fairly popular) and LiteSpeed which both integrate with cPanel and maintain their own WHM plugins. LiteSpeed can provide basic DoS protection, though for modern day attacks the network uplink will be saturated well before any server side software has a chance of filtering the malicious traffic in question.
I understand this thread is around 1 month old and so I'd like to think that the OP has recovered by now. I've seen more and more people switch from the well-known CloudFlare solution to Sucuri: http://cloudproxy.sucuri.net/ddos-protection
Something that may be worthwhile looking at for future visitors of this thread.
2015-05-09, 08:24 AM
It depends on the attacks. If they are just layer 7 attacks without any high traffic/PPS associated then any cPanel service with LiteSpeed or nginx should do the trick for the most part (unless they have something like CloudLinux which will drop connections after X amount of connections).
We've been getting a lot of people moving off of cPanel hosting due to DDOS attacks and so far the best option for us has been a DDOS protected VPS with VestaCP (Apache + nginx goodness). Saved us and our clients a pretty penny also.
I was using RamNode for a while a few months back before moving our site back on our network and it was pretty good (don't have any stats but based on the size of attacks we were getting they were well over the network uplink of 1Gbps). Prior to RamNode I've used BuyVM in the past but that was back when they were using Staminus I believe.
As others have said, shared hosting is not the best idea when it comes to DDOS attacks because instead of one attack targeting one IP you have many different attacks targeting one IP (unless each site has a dedicated IP of course, in which case it's many different attacks targeting one piece of hardware). The problem is that the attacks aren't measured individually, they are cumulative so if AttackA is sending 30Gbps of UDP packets at Website1, AttackB is sending 10Mpps of TCP packets at Website2, and AttackC is sending a layer 7 attack at Website3 then any other websites on that server are receiving the same attacks whether or not they are the intended target. Instead of your enemies attacking your website you now have other people's enemies attack your website so in order to reduce the size of the target you're better off getting a virtual server somewhere and running your website off that so now you only have to worry about the attacker who are targeting just your website (in most instances it'll only be one attack at a time also, even though most likely a distributed one).
Hope that makes sense.
We've been getting a lot of people moving off of cPanel hosting due to DDOS attacks and so far the best option for us has been a DDOS protected VPS with VestaCP (Apache + nginx goodness). Saved us and our clients a pretty penny also.
I was using RamNode for a while a few months back before moving our site back on our network and it was pretty good (don't have any stats but based on the size of attacks we were getting they were well over the network uplink of 1Gbps). Prior to RamNode I've used BuyVM in the past but that was back when they were using Staminus I believe.
As others have said, shared hosting is not the best idea when it comes to DDOS attacks because instead of one attack targeting one IP you have many different attacks targeting one IP (unless each site has a dedicated IP of course, in which case it's many different attacks targeting one piece of hardware). The problem is that the attacks aren't measured individually, they are cumulative so if AttackA is sending 30Gbps of UDP packets at Website1, AttackB is sending 10Mpps of TCP packets at Website2, and AttackC is sending a layer 7 attack at Website3 then any other websites on that server are receiving the same attacks whether or not they are the intended target. Instead of your enemies attacking your website you now have other people's enemies attack your website so in order to reduce the size of the target you're better off getting a virtual server somewhere and running your website off that so now you only have to worry about the attacker who are targeting just your website (in most instances it'll only be one attack at a time also, even though most likely a distributed one).
Hope that makes sense.