DDoS protection

[handsonhosting]

Oh, definitely just because you have hardware protection doesn't mean that you shouldn't have software protection - there's a lot that gets past a hardware firewall that a software firewall will protect against. In a massive campaign however, the hardware firewall and dDOS protection that it can provide, is a necessity to have on standby. Even from a router level being able to route an IP that is being targeted - that can be a lifesaver too.

 

[Testtube302]

I believe unless you are with a provider that specializes in DDos attacks you are at risk. We have refered many friends/customers over to staminus. We often followed up with them only to find not only did they scrub the bad traffic and the datacenter they host in didnt see a thing. But Staminus worked with the customer on a price/protection that worked specifically for them. I cant say enough nice things about that company

 

[GridVirt]

We just use Software bassed DDOS protection and have never suffered ant DDOS attacks in 11 years, so i would say your statement is incorrect

Your statement is incorrect. Maybe you have not been ddosed or maybe the attacks were very small which software can handle. But any large medium to large ddos especially UDP flood for example is going to quickly kill any software protection and even lots of the hardware based protection that is not at the switch level.
Software ddos protection is not protection but a false sense of security for those that do not know any better.

 

[easyhostmedia]

Your statement is incorrect. Maybe you have not been ddosed or maybe the attacks were very small which software can handle. But any large medium to large ddos especially UDP flood for example is going to quickly kill any software protection and even lots of the hardware based protection that is not at the switch level.
Software ddos protection is not protection but a false sense of security for those that do not know any better.

if you are going to leave useless comments to boost your post count then first READ the whole thread

our current server providers have hardware protection in place, but we still install software protection as an extra precaution

 

[GridVirt]

It is not useless it is true. Also just because the protection is hardware does not mean it will be much more effective that software. For example many hosts are still using Cisco guard as their protection and advertising they have ddos protection because of this. Cisco Guard was EOL a longtime ago and really not at all effective these days.

 

[SenseiSteve]

Everyone is susceptible to these attacks. If protection is what you need, then ask a lot of questions of those providers who advertise protection - it can mean very different things to different people. What's ultimately important is whether you get the protection you're paying for. I've seen a UDP flood take down a large portion of a data center for hours.

 

[Igal Zeifman]

Hardware Firewall is a relatively expensive solution that won`t work as well for distributed DDos (since it is well masked as an "ordinary" traffic from a multitude of different and legitimate IP addresses).

For such attacks deflation and absorption is the only good solution and this can be best achieved by using a CDN Cloud service that will "swallow" all traffic for you while still allowing your site to stay on-line.
Also, as always, prevention is the best defense. Most DDos attacks start with a visit of a scanner bot who identifies vulnerabilities and send a "potential prey" message to future attacker.
And so, good bot blocking software can prevent your DDos from happening.

Today you can get cloud CDN + online PCI complient WAF as 360 degree security service for a fraction of a price of hardware WAF. This also means better site speed, easier updates and etc.

 

[znetwebhost]

some data centers provide network level ddos preventers. how effect is it?

 

[VPS9.net]

Ya DDOS protection makes your service secure and reliable too..

 

[StyleX Networks]

Software based DDOS prevention is only effect up to a certain limit. If its severe then it will required hardware based firewalls which will be costly.

 

[suppoB]

I know that some administrators install Nginx on the server and redirect the site which is causing the DDos attack to localhost.Thus, they stop the DDOS attack.

 

[storminternet]

Unless you shutdown the weak or compromised machine through which ddos attack begins it can not be easily stopped. But I know it's not easy to trace the ddos origin so better to keep servers protected with firewall.

 

[Igal Zeifman]

Yes, as DDOS is one of the dangerous and malicious attacks in Online world and it can damage your site to a huge extent. Your site will be down for a couple of days till the attack stops and if your website is your source of income, then you might suffer huge economical losses. Hardware Firewall is the best solution for DDOS.

Agreed,
But I would still propose to have a look at Cloud WAF solutions.
This can provide you with all the benefits of Hardware WAF + offer a CDN based deflation and balancing mechanisms, thus protecting you from both layer 3-4 (network) DDoS and layer 7 (i.e. botnet) DDoS.
It will probably also be more cost-effective and require much less effort to maintain.

 

[traxport121]

Its most effective when used with a hardware firewall. The software protection can easily be broken specially when the whole IP pool is attacked.

 

[ughosting]

We found that an Arbor Scrubber and Imperva WAF in series tends to put pay to most attacks.

 

[BetaWaffle]

Software protection (e.g. CloudFlare) can easily be broken, which is why it is best to rely on hardware.

 

[m2hdiana]

Hi,

Yes, ddos deflate is really good protection and helps a lot for server security.

 

[mr.log]

Free cPanel applications or some modules not enough for DDoS Protection. Even If you using that Proxy DDoS Protection not much longer when the attack touch 2-3mints.

We research on those attacks and build our own cloud layers, DNS Filters, Firewall, FW Monitor, instant cloud backups and then attach bcloud network.

Then we satisfied. But day by day we are improving our self's more and more.

Thanks.

 

[easyhostmedia]

we have WHMxtra installed on our servers which comes with a good selection of DDOS protection and other security applications. In 6 years of having VPS servers we have never suffered any DDOS attacks on any site hosted on any of our servers.

 

[tnhcatherine]

Yes, I do also agree that software level DDOS protection is needed but it protects the server till certain limit only. If the attack level is high then you must have a hardware level protection On to handle the DDOs and save the server.