top | item 45964486

(no title)

fusl | 3 months ago

Happy to hear anyone's suggestions about where else to go or what else to do in regards to protecting from large-scale volumetric DDoS attacks. Pretty much every CDN provider nowadays has stacked up enough capacity to tank these kind of attacks, good luck trying to combat these yourself these days?

discuss

trollbridge|3 months ago

Somehow KiwiFarms figured it out with their own "KiwiFlare" DDOS mitigation. Unfortunately, all of the other Cloudflare-like services seem exceptionally shady, will be less reliable than Cloudflare, and probably share data with foreign intelligence services I have even less trust for than the ones Cloudflare possibly shares them with.

bandrami|3 months ago

Is a DDOS more frequent and/or worse than stochastic CDN outages?

isodev|3 months ago

Anubis and/or Bunny are good alternatives/combination depending on your exact needs

- https://anubis.techaro.lol/

- https://bunny.net/

fusl|3 months ago

Unfortunately Anubis doesn't help where my pipe to the internet isn't fat enough to just eat up all the bandwidth that the attacker has available. Renting tens of terabits of capacity isn't cheap and DDoS attacks nowadays are in the scale of that. BunnyCDN's DDoS protection is unfortunately too basic to filter out anything that's ever so slightly more sophisticated. Cloudflare's flexibility in terms of custom rulesets and their global pre-trained rulesets (based on attacks they've seen in the past) is imo just unbeatable at this time.

RKFADU_UOFCCLEL|3 months ago

Why do people on a technical website suggest this? It's literally the same snake oil as Cloudflare. Both have an endgame of total web DRM; they want to make sure users "aren't bots". Each time the DRM is cracked, they will increase its complexity of the "verifier". You will be running arbitrary code in your big 4 browser to ensure you're running a certified big 4 browser, with 10 trillion man hours of development, on an certified OS.

unknown|3 months ago

[deleted]

Doman|3 months ago

bunny.net is not reachable for me too... really funny

https://imgur.com/a/8gh3hOb

q3k|3 months ago

Just accept that a DDoS might happen and that there's nothing you can do about it. It's fine, it's just how the Internet works.

herbst|3 months ago

That was possible when a DDos was usually still an occasional attack by a bad actor.

Most time I get ddosed now it's either Facebook directly, Something something Azure or any random AI.

peanut-walrus|3 months ago

So accept that your customers won't be able to use your services whenever some russian teenager is bored? Yeah, good luck with justifying that choice.