1. SA-MP Forums Archive
  2. SA-MP Server
  3. Server Support

Threaded Mode
Prevent DDoS attacks
-Shifty-
Huge Clucker
****
Posts: 323
Threads: 30
Joined: Sep 2012
Reputation: 0
#1

25.04.2017, 14:22
I am currently hosting my SA-MP server at Ovh, unfortunately my server is the victim of DDoS attacks more than two times per day. The Anti-DDoS of Ovh keeps my server online for 15% of the connected players, other players are unbable to connect to the server when there is an attack going. The players are able to connect again when the attack stops.

Is there a way to make use of their Anti-DDoS feature without all the players ''timing''? And is there a method to prevent attacks with firewalld? (if yes, how?)

Thank you in advance!
Find
Reply
iLearner
Gangsta
****
Posts: 579
Threads: 18
Joined: Apr 2017
Reputation: 0
#2

25.04.2017, 16:16
I used to use ovh back in 2015, and my server was constantly under ddos attacks, switched to BlazingFast.Io. since then was and still am fine so far.
Find
Reply
Vince
Spam Machine
*****
Posts: 10,066
Threads: 38
Joined: Sep 2007
Reputation: 0
#3

25.04.2017, 16:26
You cannot prevent it, you can only hope to mitigate the effects. If you're on Linux and you haven't configured iptables then you should do so immediately. By default all ports are open, which is not what you want. You want to create a few "accept" rules on the input chain and drop anything you don't need. The first rule should allow everything on the lo0 interface (localhost traffic), the second rule should allow established or related traffic (state), the following rules should allow the traffic to the "service" ports. So 7777 for your server and 22 for SSH. The last rule should drop all the traffic that didn't match any of the previous rules. Careful though: if you make a mistake you may lock yourself out and if you don't have VNC then you're screwed until your server restarts (rules, by default, are not persistent).
Find
Reply
-Shifty-
Huge Clucker
****
Posts: 323
Threads: 30
Joined: Sep 2012
Reputation: 0
#4

25.04.2017, 19:57
Quote:
Originally Posted by Vince
Посмотреть сообщение
You cannot prevent it, you can only hope to mitigate the effects. If you're on Linux and you haven't configured iptables then you should do so immediately. By default all ports are open, which is not what you want. You want to create a few "accept" rules on the input chain and drop anything you don't need. The first rule should allow everything on the lo0 interface (localhost traffic), the second rule should allow established or related traffic (state), the following rules should allow the traffic to the "service" ports. So 7777 for your server and 22 for SSH. The last rule should drop all the traffic that didn't match any of the previous rules. Careful though: if you make a mistake you may lock yourself out and if you don't have VNC then you're screwed until your server restarts (rules, by default, are not persistent).
I think you mean this? (see below). I just configured it this way in my OVH Control Panel. Would this be enough? (I have more than 19 ports that must be opened).

Edit (forgot screenshot): http://puu.sh/vw2EW.png
Find
Reply
xPhantom
Huge Clucker
****
Posts: 388
Threads: 18
Joined: Apr 2011
Reputation: 0
#5

26.04.2017, 03:35
Are you using their VPS or dedicated server (Game)? As far as I know, their VPS line do not utilize ddos protection for game servers.

https://www.ovh.com/us/dedicated-servers/game/ (This is the lineup that offers game server DDoS protection)

Also, http://soyoustart.com offers it to and they have a server for 49.00 per month not including VAT.
Find
Reply
Astralis
Unregistered
 
#6

26.04.2017, 14:44
They would normally suspend you and ask to move out if you're getting ddosed' too often.
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Server
  3. Server Support