Any cheaper ways to protect Bungeecord proxies?

Discussion in 'BungeeCord Discussion' started by nickbbeezy, Oct 5, 2013.

  1. Is there any decent way to prevent (d)dos attacks against a bungeecord proxy without having to pay $200+ a month? It's just not worth it for the few attacks I do receive (some are too small to even both with though), but it is nice to have protection just in case.

    Are there some fancy IP table rules I'm missing out on or is everyone actually paying this much..?
     
  2. OVH's VAC works pretty well, but yes. Lots of people do pay that much.
     
  3. Outlaw11A

    Supporter

    I was in the exact same boat as you. Receiving attacks, but not enough to be worth it to get proper protection.

    I decided to follow this guide: http://www.andyhuang.net/blog/2013/02/ddos-protection-for-minecraft-servers.html

    It worked a charm. I had proxy servers in: 1 x US - East, 2 x US - West and 1 x Europe. This all cost me around $20 a month and provided me with about 4 gbps protection.

    I used a round robin setup to link them all up.

    Whilst using this setup, it worked like a charm. Attacks dropped to none. The only downside is that players will notice a slight increase in latency, and everyone's IP will be the same as the proxies.

    That was fine about 6 months ago, but since then, companies like: https://ddosdeflect.com/ have popped up, and for around the same price, are equally as good. However, if you do go down the proxy option, you are able to run other things like, TeamSpeak on the VPS's.

    I hope this helps.
     
    • Informative Informative x 2
    • Winner Winner x 1
  4. Hey
    My experience is that most of DOSS attach are performed by boys with limited knowledge of network configuration e.g. DNS.
    On my collation of servers we started using DNS srv records so only the srv record point at the minecraft server, but if you ping the same DNS record another host will answer. This is the cheapest setup and will fool 99%.
    It of cause require that you own a domain, but I assume you do so.
    Hope this alternative "fee" approach also helps you.
     
    • Informative Informative x 1
  5. Everytime a person share this information publicly, it increases the chance of servers getting DDoSed.
     
  6. Cheap DDOS Protection:$15:95 a month
    (Only works if you have a linux VPS/DEDI ) : havent tryed with windows but if works i will edit if someone has

    Step 1:
    Buy a http://buyvm.net/ Make sure it is the closest possible location to your server!Get a Minimum of 1GB with atleast 3GB bandwidth a month depending on your server size either increase but try not to decrease the size of it if possible​
    MAKE SURE YOU CLICK BUY DDOS PROTECTED IP $3 more than 1 can be purchased but your need 1!​
    Step 2:​
    Once purchased download a program called PUTTY http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
    This is used to connect to the VPS, depending on the response time hopefully the server will be setup within 1-2 hrs give or take.​
    Step 3:​
    Once you have acquired the login details for your new server your going to want to head over to http://wiki.buyvm.net/doku.php/gre_tunnel
    And Setup a GRE-TUNNEL which reroutes all your traffic going to your BUYVM VPS to your MINECRAFT VPS even the exact ports if you wish to specify!​
    Step4:​
    Login To your vps using the program putty and follow the step by step tutorial on how to foward the traffic to your server make sure that when it states:YOUR_FILTERED_IP <-- that is the ddos protected ip they give you not the main ip And When it states:DESTINATION_SERVER_IP<--- that is your minecraft server
    Step5:​
    Test the connection :)
    These servers state that they can garrentee 10gbps or 2 million packets per second​
    there is a few mroe things you can do with these servers like host websites, create a VPN many more​
     
  7. Outlaw11A

    Supporter

    Very interesting. Have you personally given it a go?
     
  8. joehot200

    Supporter

    Actually if you use BungeeCord you can get your players to keep their IPs through the proxy.
     
  9. Outlaw11A

    Supporter

    Nope, this is using a TCP tunnel, BungeeCord isn't placed on each individual proxy.
     
  10. joehot200

    Supporter

    Put BungeeCord on each VPS, then add the proxy IPs in your bungee-cord addresses. You will then keep player IPs.
     
  11. yes i have one atm connected to my server and havent had any problems with it my server is in germany on a 48gb dedi with 1gb uplink and i have the vegas server 1gb and have no problems and some players said they noticed less lag due to them being in usa, and i have tested it with private stressing sources and it blocks all unwanted traffic with no notice of anything happening
     
  12. Im currently use VAC 24/7 - no issues at all.
     
    • Disagree Disagree x 1
  13. Apart from the fact that it blocks pings from voting and status sites.
    [​IMG]
     
    • Agree Agree x 1
    • Funny Funny x 1
  14. My status bar is online and pinging.
     
  15. Mind sharing your IP to test the ping? Sounds nice!
     
  16. Not all the time, I like OVH's protection, but it does in fact block pings from status and voting sites often, 80% of the time it is fine, but the odd ping gets blocked now and then.
     
  17. jeff142

    Benefactor


    BuyVM WILL terminate your account if you have this kind of setup and see any real ddos attacks.

    I have, and others have tried this and been terminated. Your better off round robbing small vps (even this only stops small stuff)
     
  18. BuyVM terminate you for bloody anything. I had a VPS that was using 90% CPU constantly and about 60/60Mb/s. They terminated it, even though it was perfectly legit traffit/cpu use
     
    • Agree Agree x 1