DDoS protection

jnicol

New Member
#1
As a VPS noob, I'm wondering if it's worthwhile installing some sort of protection against DDoS attacks. I'm not aware of any of my sites or my client's sites having been the target of an attack before, but there's a first time for everything!

My questions are:

- Do other KH customers run software to mitigate DDoS attacks?
- If so, what? I've seen mod_evasive and dos_deflate mentioned.
- Am I being paranoid by worrying about DDoS?
 

Dan

Moderator
#2
Morning jnicol,

Your server should have CSF (Configserver Firewall) and it can provide some protection against DDoS. However anything installed at the VPS level is going to leave the traffic on the network anyways and KH is the only one that can do anything to mitigate that...which they will.

Perhaps some others will chime in with their thoughts/feelings on the subject.
 

jnicol

New Member
#3
Thanks Dan. It sounds as if taking special measures to mitigate DDoS at the VPS level is somewhat ineffectual, and really needs to happen at the web host or data centre level? I suspect I'm overthinking something that isn't really a problem, or at least not one I can do much about!
 

Dan

Moderator
#4
jnicol,

That would be correct. When a DDoS attack occurs KH will null-route the IP numbers being attacked and that gets done in the routers, not even in the host machines our VPSs are in. If there is anything more we could do I am sure that KH would have let us know before now as their have of course been some of these attacks on the KH network.
 

KH-Jonathan

Director of Managed Services
Staff member
#5
Thanks Dan. It sounds as if taking special measures to mitigate DDoS at the VPS level is somewhat ineffectual, and really needs to happen at the web host or data centre level? I suspect I'm overthinking something that isn't really a problem, or at least not one I can do much about!
This is pretty spot-on. DDoSs these days are to the level that in-VPS mitigation can only go so far with a truly distributed attack. If it's just a standard attack with only a few hosts hitting you, then sure, a VPS can filter a ton.

True DDoS protection is a very expensive and complex process. That's why it basically has it's own market segment with significantly higher prices.
 
Top