Score:0

How to protect Backend server from DDoS

in flag

I live in a country where there is no DDOS protection for game servers ( UDP Protocol ).

Since latency is important for users, I can't host it in other country or region.

So I have only one option left and that is using fail-over servers.

Current architecture

I have a main dedicated server where game server is running.

I have 64 dummy VPS where I have installed Nginx proxy.

So the main server's IP remains hidden. Client always sees the dummy server ip.

All the 64 dummy servers are running with iptables IP whitelisting where I whitelist their ips on dummy server.

The issue.

There are some bad guys who gets whitelisted on the server, they are DDoSing Dummy server's port let's say : 27015 UDP port.

Which is directly reaching to main server and causing main server to shut down.

What I want is if they try to attack on any of the dummy server, it should get blocked.

Is there any other approach I can try?

djdomi avatar
za flag
27015? Half Life engines are not supported by serverfault.com, moreover show us the config of the nginx and how you route this?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.