How to protect my Server from DDoS Attack?
DDoS Attacks
Let's all share in this topic, I invite all to participate and give their own view.
OK, let me start.
You must before anything know that there are many types of DoS/DDoS attacks, UNLIMITED.
You can first think to block them via IPTables, but this will be an unsuccessful way in many cases for the following reasons:
I'll share more later, tell me your opinion
OK, let me start.
You must before anything know that there are many types of DoS/DDoS attacks, UNLIMITED.
You can first think to block them via IPTables, but this will be an unsuccessful way in many cases for the following reasons:
- There are many types of UDP based DoS/DDoS attacks. It will be hard to track every attack and analyze it to be able to put a successful filter. It's also time-consuming, to detect each case and filter it.
- The packets maybe 100% the same as legit, and in this case, you cannot put any filter.
- IPTables is too late, the packet already hit your device, mostly IPTable won't be able to protect to a good extend. But it's better than nothing.
- You will need to learn how to use many modules in IPTables, to be able to do a good job using it.
- IPTables already tested as a solution and failed. The failure of such a method can be seen in NFO Anti-DDoS protection, they automatically try to match good rules that will protect. But mostly their protection so easy to penetrate.
I'll share more later, tell me your opinion
He who fails to plan is planning to fail
A good point to state.
Let me continue,
Personally, I ran a community from 2013~2015 and it was classic Mod plus some other mods. At this time I remember we were many inside the server and the server almost was full most of the time [No boost at all]. I would say, I never got DDoS/DoS attacks although I was using zero-protected VPS(s). You must ask yourself, why someone wastes his time/money... etc to just attack you. A point to be noted.
OK, I'm sorting the service providers into 3-zones (Based on protection level):
- Asian (Russia, China... etc.)
- US (USA, canada)
- Europe (Germany, UK.. etc.)
US zone, a good choice, and they are advanced in both protocols whether TCP or UDP based attacks. But usually, protection only provided to dedicated servers, not VPS/VDS. This means you will pay more.
Europe zone, has many levels and moderate prices. I'm stating some examples, Hetzener has medium protection against UDP-based attacks. There also OVH which has a little higher performance than Hetzener, but for a higher price.
OK, let's simplify things.
There are two things you need to know:
- Exploits - Thanks to ReHLDS team who reverse-engineered CS HLDS, now the code is open source. There should be from time to time some people who trace exploits and use them against servers. Their aim either to create money from such exploits or just to bug others. In such cases, you should get enough information about the exploit and make an issue on ReHLDS github. And hopefully, the ReHLDS team will resolve it. Such issues related to the game engine or game core should be fixed by the game developer (in our case ReHLDS team). The hosting company not related to this.
- DoS/DDoS - In this one, there should be good filtering devices installed before your dedicated server to protect it. You will need to communicate with your service provider and ask him to explain the levels of protection for the device.
Later, I'll share my opinion about OVH UDP protection. What their advantages/disadvantages, and is it the best solution to go with or not.
He who fails to plan is planning to fail
OK, here I'm writing my experience with OVH UDP/TCP protection that can be useful for game servers.
Most attacks that can take down the CS1.6 server will be UDP based, the reason is that the game basically uses this protocol for transmitting data between user/server. As I said in #2, #4 most service providers do not provide good protection for this protocol. But one of the providers that claimed to have good UDP protection is OVH. In this post let's see the advantages/disadvantages to use their UDP protection.
OVH said that it has devices before your dedicated server, and they will filter the packets before allowing them to hit your machine. In the case of malicious packets, they will be dropped in earlier stages. OVH provides UDP protection in only special dedicated servers.
Advantages of their protection:
I have spent some time debugging their protection (maybe 3 years ago), and as a conclusion, it's not the same as they saying. But at the end, I'm telling you to choose 0% protected or 60~70% what you will choose?
This all about their protection, you now got some ideas about them. I'll continue to post some more posts later.
Most attacks that can take down the CS1.6 server will be UDP based, the reason is that the game basically uses this protocol for transmitting data between user/server. As I said in #2, #4 most service providers do not provide good protection for this protocol. But one of the providers that claimed to have good UDP protection is OVH. In this post let's see the advantages/disadvantages to use their UDP protection.
OVH said that it has devices before your dedicated server, and they will filter the packets before allowing them to hit your machine. In the case of malicious packets, they will be dropped in earlier stages. OVH provides UDP protection in only special dedicated servers.
Advantages of their protection:
- Easy to use, for simplicity all you need to do is to add the UDP port and the protection will be enabled on this port. Which means all packets will be filtered first.
- It will mitigate as much as it can. You don't need to analyze packets... etc. but the devices placed before your dedicated server by them will do the job.
- Lag during connection to your server, almost one of the most annoying things about their protection is that it lags all clients when they try to connect to the server. Sometimes this results in dropping clients.
- The protection may fail many times, and this will result in dropping all clients. We recorded this in this topic viewtopic.php?f=22&t=3326. It may take a large time from their side to fix their issues.
- During large attacks, they usually will not be able to filter legit/malicious packets well. For this reason, if a client is not trusted (defined by their protection devices), he may be dropped and he is a legit user. So false dropping is possible under medium to large attacks.
- They do not offer UDP protection for VPS, this means you need to buy a dedicated server which is expensive +90$/month. In case you running one server this will be not suitable at all. (Can be resolved if you bought old devices from soyoustart, just a suggestion)
I have spent some time debugging their protection (maybe 3 years ago), and as a conclusion, it's not the same as they saying. But at the end, I'm telling you to choose 0% protected or 60~70% what you will choose?
This all about their protection, you now got some ideas about them. I'll continue to post some more posts later.
He who fails to plan is planning to fail
In case you wanna OVH protection at cheap prices then, you will need to get one of the following:
- SoYouStart - Official brach that sells devices that got old. I think you will not find Asian zone.
- FullTimeHosting - Reseller, I cannot find also Asian zone here.
- ExtraVM - Reseller, he has Singapore.
He who fails to plan is planning to fail
And http://www.cloudways.com/Raheem wrote: ↑3 years ago In case you wanna OVH protection at cheap prices then, you will need to get one of the following:Please note that dealing with resellers, not the best thing to do. They can anytime terminate your service without reason or you may lose the IP at any time. The best is to be with the original supplier directly, SoYouStart is official. But to be with official, you know you will need to pay more, check here. You can search for more, these what I know.
- SoYouStart - Official brach that sells devices that got old. I think you will not find Asian zone.
- FullTimeHosting - Reseller, I cannot find also Asian zone here.
- ExtraVM - Reseller, he has Singapore.
z0h1r-LK
Here I'm giving a review about Hetzener protection.
Why you may use them?
The score may I give to them 40~50%.
The price is low, so don't expect 100%. At least for the price I see the protection level is fine.
I think they have data centers in Germany only. Maybe this is the bad thing about them.
I don't test them personally, if someone tested and finds they are better than my review, then please comment down. My recommendation, not bad and not expensive to try if you are a victim of DDoS.
Why you may use them?
- Mainly, because their prices are low.
- They are using some good hardware before your dedicated server to protect it.
- They provide protection against both UDP/TCP and others. But mainly for HL/CS you are protecting your UDP (ex. 27015).
- Their protection is moderate (4-layer, OVH is 7-layer).
- You can easily enable it.
The score may I give to them 40~50%.
The price is low, so don't expect 100%. At least for the price I see the protection level is fine.
I think they have data centers in Germany only. Maybe this is the bad thing about them.
I don't test them personally, if someone tested and finds they are better than my review, then please comment down. My recommendation, not bad and not expensive to try if you are a victim of DDoS.
He who fails to plan is planning to fail
I'll talk about protected solutions in the US zone.
I said before that there are many good hosting in the US zone, you will need to search and try for the best solution. I'll state the two solutions I'm aware of.
Solutions for US zone:
You can ask here: There also others where you can ask, just search.
I said before that there are many good hosting in the US zone, you will need to search and try for the best solution. I'll state the two solutions I'm aware of.
Solutions for US zone:
- Choopa
- They protect TCP/UDP, so it can be useful in CS/HL server hosting.
- Their protection is built by their engineers.
- They only selling dedicated servers +100$/month, which will be suitable only for communities with +6 servers. You may also search for good resellers that resell their service as VPS/VDS (low prices).
- Canada OVH Data center
- OVH provide UDP protection in their Canada data center.
- Consider using SoYouStart for lower prices (But it's also old devices). SoYouStart has a Canada location (+35 EUR/month).
- Advantages/Disadvantages will be same as stated in #5
You can ask here: There also others where you can ask, just search.
He who fails to plan is planning to fail
So let's summarize what I said till now.
Before running a CS/HL server (CS1.6/HL/CSCZ/CSS/CSGO) you need to think about DDoS/DoS protection. CS/HL servers are subjected to UNLIMITED types of DoS/DDoS attacks, that can take down your server for some time. Most of the attacks that can take down your server are UDP-based. This is why when you search for hosting you need to ensure if it has UDP mitigation or not.
Anti-DDoS solutions will cost the hosting provider extra money. This is the reason why you will need to pay more for a DDoS-protected service. And some providers do not invest in protection, and some do not provide UDP protection but provide only TCP. All providers aim to minimize their cost to earn more, and you need to search for good hosting that has good protection.
You need to know that you may be with the main hosting provider like to be with OVH directly, and you may be with a reseller that buys their service and resell it as VPS/VDS. Be noted that yes you will pay less with a reseller, but you are subjected to disturbing things. I give you a short story about resellers. ExtraVM is a reseller, I was using it for some time and sometimes when I get DDoSed he suspended the service telling me that I used the VPS to launch a DDoS, and the fact is that I was a victim. After the suspension, I lost all things, and databases got corrupted... etc. Was a horrible experience that why I'm telling you this. One more thing to note always, resellers can anytime change your server IP without any valid reason. This something to fear as you know if IP changes you will lose many players. So please before you say I'll choose a reseller because of the lower cost, think about the harm that they can do for you after a short period.
Regardless of the reason why someone will attack you, you must protect yourself to a good extend. As I discussed that IPTables is not a practical solution. So you need to look for some robust/practical solutions, and I already discussed some in this topic. You need to try one of them and evaluate it yourself.
So to rest in peace, follow what I said. And put in your mind, protection is relative and we just need to make the attacker believe he fails so he does not try to attack again and again. He still can restrike but as said earlier, it's better than the 0-protected level.
Before running a CS/HL server (CS1.6/HL/CSCZ/CSS/CSGO) you need to think about DDoS/DoS protection. CS/HL servers are subjected to UNLIMITED types of DoS/DDoS attacks, that can take down your server for some time. Most of the attacks that can take down your server are UDP-based. This is why when you search for hosting you need to ensure if it has UDP mitigation or not.
Anti-DDoS solutions will cost the hosting provider extra money. This is the reason why you will need to pay more for a DDoS-protected service. And some providers do not invest in protection, and some do not provide UDP protection but provide only TCP. All providers aim to minimize their cost to earn more, and you need to search for good hosting that has good protection.
You need to know that you may be with the main hosting provider like to be with OVH directly, and you may be with a reseller that buys their service and resell it as VPS/VDS. Be noted that yes you will pay less with a reseller, but you are subjected to disturbing things. I give you a short story about resellers. ExtraVM is a reseller, I was using it for some time and sometimes when I get DDoSed he suspended the service telling me that I used the VPS to launch a DDoS, and the fact is that I was a victim. After the suspension, I lost all things, and databases got corrupted... etc. Was a horrible experience that why I'm telling you this. One more thing to note always, resellers can anytime change your server IP without any valid reason. This something to fear as you know if IP changes you will lose many players. So please before you say I'll choose a reseller because of the lower cost, think about the harm that they can do for you after a short period.
Regardless of the reason why someone will attack you, you must protect yourself to a good extend. As I discussed that IPTables is not a practical solution. So you need to look for some robust/practical solutions, and I already discussed some in this topic. You need to try one of them and evaluate it yourself.
So to rest in peace, follow what I said. And put in your mind, protection is relative and we just need to make the attacker believe he fails so he does not try to attack again and again. He still can restrike but as said earlier, it's better than the 0-protected level.
He who fails to plan is planning to fail
This happen in me before, I have weak root password at that time. Only way to get rid of that, is by putting strong password. (Mine is 64 characters).Raheem wrote: ↑3 years ago So let's summarize what I said till now.
Before running a CS/HL server (CS1.6/HL/CSCZ/CSS/CSGO) you need to think about DDoS/DoS protection. CS/HL servers are subjected to UNLIMITED types of DoS/DDoS attacks, that can take down your server for some time. Most of the attacks that can take down your server are UDP-based. This is why when you search for hosting you need to ensure if it has UDP mitigation or not.
Anti-DDoS solutions will cost the hosting provider extra money. This is the reason why you will need to pay more for a DDoS-protected service. And some providers do not invest in protection, and some do not provide UDP protection but provide only TCP. All providers aim to minimize their cost to earn more, and you need to search for good hosting that has good protection.
You need to know that you may be with the main hosting provider like to be with OVH directly, and you may be with a reseller that buys their service and resell it as VPS/VDS. Be noted that yes you will pay less with a reseller, but you are subjected to disturbing things. I give you a short story about resellers. ExtraVM is a reseller, I was using it for some time and sometimes when I get DDoSed he suspended the service telling me that I used the VPS to launch a DDoS, and the fact is that I was a victim. After the suspension, I lost all things, and databases got corrupted... etc. Was a horrible experience that why I'm telling you this. One more thing to note always, resellers can anytime change your server IP without any valid reason. This something to fear as you know if IP changes you will lose many players. So please before you say I'll choose a reseller because of the lower cost, think about the harm that they can do for you after a short period.
Regardless of the reason why someone will attack you, you must protect yourself to a good extend. As I discussed that IPTables is not a practical solution. So you need to look for some robust/practical solutions, and I already discussed some in this topic. You need to try one of them and evaluate it yourself.
So to rest in peace, follow what I said. And put in your mind, protection is relative and we just need to make the attacker believe he fails so he does not try to attack again and again. He still can restrike but as said earlier, it's better than the 0-protected level.
I'm not personally using resellers anymore. Also, I don't run servers since 4 years.
This just for anyone, it may help.
This just for anyone, it may help.
He who fails to plan is planning to fail
I have the second dis advantageRaheem wrote: ↑3 years ago OK, here I'm writing my experience with OVH UDP/TCP protection that can be useful for game servers.
Most attacks that can take down the CS1.6 server will be UDP based, the reason is that the game basically uses this protocol for transmitting data between user/server. As I said in #2, #4 most service providers do not provide good protection for this protocol. But one of the providers that claimed to have good UDP protection is OVH. In this post let's see the advantages/disadvantages to use their UDP protection.
OVH said that it has devices before your dedicated server, and they will filter the packets before allowing them to hit your machine. In the case of malicious packets, they will be dropped in earlier stages. OVH provides UDP protection in only special dedicated servers.
Advantages of their protection:Disadvantages of their protection:
- Easy to use, for simplicity all you need to do is to add the UDP port and the protection will be enabled on this port. Which means all packets will be filtered first.
- It will mitigate as much as it can. You don't need to analyze packets... etc. but the devices placed before your dedicated server by them will do the job.
OK, so the overall score I may give to their protection 60~70%. Not a bad solution, but at the same time, not the same as they are claiming. Personally, I'm recommending them only in one case: If you cannot find protection that is higher than them.
- Lag during connection to your server, almost one of the most annoying things about their protection is that it lags all clients when they try to connect to the server. Sometimes this results in dropping clients.
- The protection may fail many times, and this will result in dropping all clients. We recorded this in this topic viewtopic.php?f=22&t=3326. It may take a large time from their side to fix their issues.
- During large attacks, they usually will not be able to filter legit/malicious packets well. For this reason, if a client is not trusted (defined by their protection devices), he may be dropped and he is a legit user. So false dropping is possible under medium to large attacks.
- They do not offer UDP protection for VPS, this means you need to buy a dedicated server which is expensive +90$/month. In case you running one server this will be not suitable at all. (Can be resolved if you bought old devices from soyoustart, just a suggestion)
I have spent some time debugging their protection (maybe 3 years ago), and as a conclusion, it's not the same as they saying. But at the end, I'm telling you to choose 0% protected or 60~70% what you will choose?
This all about their protection, you now got some ideas about them. I'll continue to post some more posts later.
I bought from evolution-host.com
Can Tell me how to resolve it ? Or whats problem so then I can contact to support
I'm not in field for long time, so I can't tell a good resolution. I'm sorry for this.VicKy wrote: ↑2 years agoI have the second dis advantageRaheem wrote: ↑3 years ago OK, here I'm writing my experience with OVH UDP/TCP protection that can be useful for game servers.
Most attacks that can take down the CS1.6 server will be UDP based, the reason is that the game basically uses this protocol for transmitting data between user/server. As I said in #2, #4 most service providers do not provide good protection for this protocol. But one of the providers that claimed to have good UDP protection is OVH. In this post let's see the advantages/disadvantages to use their UDP protection.
OVH said that it has devices before your dedicated server, and they will filter the packets before allowing them to hit your machine. In the case of malicious packets, they will be dropped in earlier stages. OVH provides UDP protection in only special dedicated servers.
Advantages of their protection:Disadvantages of their protection:
- Easy to use, for simplicity all you need to do is to add the UDP port and the protection will be enabled on this port. Which means all packets will be filtered first.
- It will mitigate as much as it can. You don't need to analyze packets... etc. but the devices placed before your dedicated server by them will do the job.
OK, so the overall score I may give to their protection 60~70%. Not a bad solution, but at the same time, not the same as they are claiming. Personally, I'm recommending them only in one case: If you cannot find protection that is higher than them.
- Lag during connection to your server, almost one of the most annoying things about their protection is that it lags all clients when they try to connect to the server. Sometimes this results in dropping clients.
- The protection may fail many times, and this will result in dropping all clients. We recorded this in this topic viewtopic.php?f=22&t=3326. It may take a large time from their side to fix their issues.
- During large attacks, they usually will not be able to filter legit/malicious packets well. For this reason, if a client is not trusted (defined by their protection devices), he may be dropped and he is a legit user. So false dropping is possible under medium to large attacks.
- They do not offer UDP protection for VPS, this means you need to buy a dedicated server which is expensive +90$/month. In case you running one server this will be not suitable at all. (Can be resolved if you bought old devices from soyoustart, just a suggestion)
I have spent some time debugging their protection (maybe 3 years ago), and as a conclusion, it's not the same as they saying. But at the end, I'm telling you to choose 0% protected or 60~70% what you will choose?
This all about their protection, you now got some ideas about them. I'll continue to post some more posts later.
I bought from evolution-host.com
Can Tell me how to resolve it ? Or whats problem so then I can contact to support
He who fails to plan is planning to fail
The Solution To Save from Attack Is not to panel and any website configuration for counter strike 1.6 server i have experienced many problems because of the panel
Because the hackers will attack your site and will down your site then your cs sv will offline
I recommend to use linux only to setup server if you want your server to keep running without any problem
Because the hackers will attack your site and will down your site then your cs sv will offline
I recommend to use linux only to setup server if you want your server to keep running without any problem
Create an account or sign in to join the discussion
You need to be a member in order to post a reply
Create an account
Not a member? register to join our community
Members can start their own topics & subscribe to topics
It’s free and only takes a minute
Sign in
Who is online
Users browsing this forum: No registered users and 0 guests