DDOS Mitigation

DDOS Protection and Mitigation

At HostingFuze Network we understand how important uptime is for your sites. That is why we include Free DDOS Mitigation with all of our hosting services. The DDOS Mitigation system constantly monitors network traffic and diverts malicious traffic to a filtering appliance while allowing good traffic to continue through.

Included Features & Services with ALL Hosting Services

DDOS Protection
DDOS Protection

Defends against known, unknown and evolving DoS, DDoS and other volumetric attacks.

DOS Protection
DOS Protection

Defends against attacks via TCP, UDP, IP protocols, Invalid IP packets, ICMP types, Time To Live field, packets lengths, and more

Portal
Portal

Receive up to the minute notifications of attacks, mitigation and resolution of DOS and DDOS attacks.

Robust Network
Robust Network

With over 230Gbps of Global Routing capacity we can handle the largest of attacks.

Managed
Managed

Our highly trained team of security specialists monitor the network ensuring it is running at its peak performance.

Dedicated Support
Dedicated Support

Our support team is here 24 hours a day, 7 days a week, 365 days a year monitoring your services and ensuring it stays online.

Voxility 500Gbps anti-DDoS Protection that Works with Any Application

 

About DDOS Protection

What does this service do?
This addon provides you with an affordable source of Denial Of Service protection.

If you don’t know what this is, nor have you been sent an email regarding a nullroute being applied against your IP, it’s unlikely you need this 🙂

How much does it cost ?

All service (hosting, vps, dedicated, games, teamspeak) include free DDoS protections by Voxility.

Aditional protected IP addresses cost $3.00/month per IP address in all locations we operate.

How much filtering is provided?

We provide over 250 million packets-per-second of filtering or over 250Gbit/sec for volumetric floods.

This amount of protection is not dedicated to you but is a pool all protected users share from in each location.

What types of floods does it protect against?

Here is an exhaustive list of floods that our filtering helps protect against:

  • TCP SYN + ACK
  • TCP FIN
  • TCP RESET
  • TCP ACK
  • TCP ACK + PSH
  • TCP Fragment
  • TCP (SYN, etc.), ICMP, UDP Floods
  • HTTP URL GET/POST Floods
  • Malformed HTTP Header Attacks
  • Slow-HTTP Request Attacks
  • SYN Floods Against SSL Protocols
  • Malfromed SSL Attacks
  • SSL Renegotiation Attacks
  • SSL Exhaustion (Single Source/Distributed Source)
  • DNS Cache Poising Attacks
  • DNS Request Flood
  • SIP Request Floods
  • IGMP
  • Brute Force
  • Connection Flood
  • Spoofing / Non-Spoofed
  • Mixed SYN + UDP or ICMP + UDP flood
  • Ping of Death
  • Smurf
  • Reflected ICMP and UDP
  • Teardrop
  • Botnets
  • Blackenergy, Darkness, YoYoDDoS, etc
  • Common DoS/DDoS Tools
  • Slowloris/Pyloris, Pucodex, Sockstress, ApacheKiller
  • Voluntary Botnets
  • HOIC, LOIC, Etc
  • Application Attacks
  • Zero-day DDoS attacks
  • DDoS attacks targeting Apache, Windows, or OpenBSD vulnerabilities

As well as many others. Some protection may require a ticket to be enabled, namely some of the HTTP layer 7 protection.

In some cases we can get custom rules put in place to help, so be sure to let us know if you see a flood passing through.

What subnets does the the Layer 7 protection use?

Layer 7 protection connections will come from the following subnets.

93.115.83.64/26
93.115.90.64/26
5.254.88.64/26
5.254.110.0/26
5.254.107.0/26
5.254.115.128/26
5.254.108.64/26

You’ll need to configure your webserver to assign the users connecting IP from the X_FORWARDING_FOR field. In NGINX you’ll want to use a setup like:

set_real_ip_from 93.115.83.64/26;
set_real_ip_from 93.115.90.64/26;
set_real_ip_from 5.254.88.64/26;
set_real_ip_from 5.254.110.0/26;
set_real_ip_from 5.254.107.0/26;
set_real_ip_from 5.254.115.129/26;
set_real_ip_from 5.254.108.64/26;
real_ip_header X-Forwarded-For;

For Apache 2.2 you’ll have to install mod_rpaf to do this for you.

For Apache 2.4 you’ll want to install mod_remoteip. You’ll want to configure mod_remoteip the following way:

RemoteIPHeader X-Real-IP
RemoteIPInternalProxy 93.115.83.64/26
RemoteIPInternalProxy 93.115.90.64/26
RemoteIPInternalProxy 5.254.88.64/26
RemoteIPInternalProxy 5.254.110.0/26
RemoteIPInternalProxy 5.254.107.0/26
RemoteIPInternalProxy 5.254.115.129/26
RemoteIPInternalProxy 5.254.108.64/26

Is there an SLA?

Our filtering carries a 99.9% uptime SLA.

This SLA does not cover users getting application layer floods.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close