Skip to content
View in the app

A better way to browse. Learn more.
OSBot :: 2007 OSRS Botting

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

DDoS protection advice?

Alch
in Spam/Off Topic

Featured Replies

I expect to be under heavy fire due to the market I'm going to be stepping into. What would be the best way to protect both a website and a server hosting 100+ people playing games? Any advice is appreciated :)

 

 

Cloudflare added + ram has been upgraded on my current business today due to attacks starting after mentioning I might be stepping into this market. Looking to take any/every step possible to minimize the effects of these attacks.

What plan are you using on cloudflare? I think their top tiers (business/enterprise) are the only ones with true anti-ddos measures, at the network level. Other than that, splitting the website from the game servers will help keep the stress off either or, as they can only try and hit one at a time or have to split their resources. Also profiling the code and finding hotspots (aka 1 request causes a lot of CPU or IO stress) will prevent them from being exploited. More details on the situation/what software will be running would be helpful. Also, never give the direct server IP out, or disable cloudflare on any of the vulnerable servers. Once they can get around cloudflare its game over.

    •
    • Like 1
    • Author

    What plan are you using on cloudflare? I think their top tiers (business/enterprise) are the only ones with true anti-ddos measures, at the network level. Other than that, splitting the website from the game servers will help keep the stress off either or, as they can only try and hit one at a time or have to split their resources. Also profiling the code and finding hotspots (aka 1 request causes a lot of CPU or IO stress) will prevent them from being exploited. More details on the situation/what software will be running would be helpful. Also, never give the direct server IP out, or disable cloudflare on any of the vulnerable servers. Once they can get around cloudflare its game over.

     

    Thank you for the critical info. Is there any way that someone could get the direct server IP without being told by me?

     

    Edit: If so, can anything be done to eliminate this risk?

    Edited by Bogla

    Thank you for the critical info. Is there any way that someone could get the direct server IP without being told by me?

     

    Edit: If so, can anything be done to eliminate this risk?

     

    If you don't hand out the IP and none of your HTML/other public files mistakenly refer to it (99.9% sure they wouldn't be), they can't get it. Cloudflare is a reverse proxy, so just like when you use a proxy your IP is hidden, the servers IP is hidden in a reverse proxy tongue.png Just make sure all the DNS entries on the cloudflare have an Orange cloud instead of gray and you're golden.

    Edited by dudeami

    • Like 1
    • Author

    Noted. Thanks a ton dudeami!

     

    Anyone else have any tips on how to turn my website into a bunker ? :P

     

    Create an account or sign in to comment
    Go to topic listing

    Recently Browsing 0

    • No registered users viewing this page.

    Account

    Navigation

    Search

    Search

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.