0

We had a stateful WebRTC application which received some DDOS attacks. The server had 2gbits port, so any attack over 2gbits was able to make it unavailable. Afterwards we refactored the application to be stateless and now we can deploy it to any number of servers. Currently we are considering to have around 20 VPS with 1gbits ports to handle ~20gbits DDOS. But we also would like to have some protection from the VPS provider and increase our protection. What kind of/How much protection should we look for?

There are providers with auto-mitigation options but we would like to have a configurable firewall and only allow to whitelisted IPs to access our services, if possible. But we couldn't find any suitable VPS hosting for that matter. Is it because this is the wrong way of thinking when looking for VPS? (gce has that, but networking costs a lot)

Eren CAY
  • 101
  • 1
  • 1
    I guess the cheap option to get some ddos protection would be to use Cloudflare. The [free plan](https://www.cloudflare.com/plans/) includes DDoS attack mitigation. – Henrik Pingel Jan 12 '21 at 14:35
  • 1
    Our webRTC application uses arbitrary range of TCP ports. CF mostly provides protection for HTTP related stuff. There is [CF Spectrum](https://www.cloudflare.com/products/cloudflare-spectrum/) but I think it would be extremely costly. – Eren CAY Jan 12 '21 at 15:06
  • Ah sorry, I missed that and you are right you would need the costly CF enterprise plan for spectrum. MAybe ovh is an option for you. – Henrik Pingel Jan 12 '21 at 15:58
  • We have a VPS on ovh right now but it's not activated yet for production use. The firewall is very limited on their end. So we don't know how accurately it will mitigate the attacks in that matter. – Eren CAY Jan 12 '21 at 16:35

0 Answers0