Jump to content

DDoS protection advice?


Alch

Recommended Posts

I expect to be under heavy fire due to the market I'm going to be stepping into. What would be the best way to protect both a website and a server hosting 100+ people playing games? Any advice is appreciated :)

 

 

Cloudflare added + ram has been upgraded on my current business today due to attacks starting after mentioning I might be stepping into this market. Looking to take any/every step possible to minimize the effects of these attacks.

Link to comment
Share on other sites

What plan are you using on cloudflare? I think their top tiers (business/enterprise) are the only ones with true anti-ddos measures, at the network level. Other than that, splitting the website from the game servers will help keep the stress off either or, as they can only try and hit one at a time or have to split their resources. Also profiling the code and finding hotspots (aka 1 request causes a lot of CPU or IO stress) will prevent them from being exploited. More details on the situation/what software will be running would be helpful. Also, never give the direct server IP out, or disable cloudflare on any of the vulnerable servers. Once they can get around cloudflare its game over.

  • Like 1
Link to comment
Share on other sites

What plan are you using on cloudflare? I think their top tiers (business/enterprise) are the only ones with true anti-ddos measures, at the network level. Other than that, splitting the website from the game servers will help keep the stress off either or, as they can only try and hit one at a time or have to split their resources. Also profiling the code and finding hotspots (aka 1 request causes a lot of CPU or IO stress) will prevent them from being exploited. More details on the situation/what software will be running would be helpful. Also, never give the direct server IP out, or disable cloudflare on any of the vulnerable servers. Once they can get around cloudflare its game over.

 

Thank you for the critical info. Is there any way that someone could get the direct server IP without being told by me?

 

Edit: If so, can anything be done to eliminate this risk?

Edited by Bogla
Link to comment
Share on other sites

Thank you for the critical info. Is there any way that someone could get the direct server IP without being told by me?

 

Edit: If so, can anything be done to eliminate this risk?

 

If you don't hand out the IP and none of your HTML/other public files mistakenly refer to it (99.9% sure they wouldn't be), they can't get it. Cloudflare is a reverse proxy, so just like when you use a proxy your IP is hidden, the servers IP is hidden in a reverse proxy tongue.png Just make sure all the DNS entries on the cloudflare have an Orange cloud instead of gray and you're golden.

Edited by dudeami
  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...