Score:-1

Using OVH VPS as a shield to dedicated machine


I have a few dedicated machines at a few hosting companies which either do not offer DDoS protection or whose protection is awful. I've been contacting a few hosting companies and friends and got a suggestion about using an OVH VPS as the first layer of connection, or a VPN.

So members who want to access the server on my main dedicated machine would go through my VPS first, which in case of a DDoS will just block further connections but will protect the currently connected users.

I am interested in whether this is a good solution and, if yes, whether there is any valid tutorial I could follow to make this happen.

vidarlo
What do you want to *achieve*? Your vps won't cope any better with a DDoS than your dedicated machine, so you've simply moved the point of failure.
@vidarlo OVH does include DDoS blocking that is somewhat effective. They have lots of clients with game servers, that tend to attract attacks.
Anyway kinda depends on your service, and how important. I would wonder if Cloudflare is the better answer, or some other service designed for that. I wouldn't really trust a cheap VPS to be in front of any critical 'production' service.
Nemanja Rankovic
I am trying to create a game hosting service, currently going private for a few friends and clients, but as soon as I try to grow a little bit my customers get attacked and all players across all game types and servers get kicked, which I want to avoid and try to patch.
djdomi
Questions on Server Fault must be about managing information technology systems in a business environment. Home and end-user computing questions may be asked on Super User,
Score:0

That is definitely not a good idea and will not serve you in the way you think it will. You will simply add latency and overhead.

If you route incoming connections over a proxy like this, the already connected users will be handled by the proxy as well, dropping their connections when you turn off the routing between the machines.

A construct where users would initially connect through the VPS and have their connection handed over to the other server would imply that the other server has exposed connectivity, rendering the complete setup absolutely useless - you wouldn't stop anyone from just hitting the dedicated server again.

If you are worried about DDoS attacks on your front-facing infrastructure, you could think about simply using a specialized service to achieve protection (think Cloudflare).

For non-public services, make sure to secure your server with the usual practices: Fail2ban, UFW, etc.

OVH also apparently protects their network against DDoS attacks by default.
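
Added example, not part of the answer above: a check for the exposure problem the answer describes, run over `ufw status` output from the dedicated server to list rules that still admit traffic from anywhere other than the front VPS. The sample output is constructed; 203.0.113.10 stands in for the VPS address, the port numbers are placeholders, and the default incoming policy is assumed to be deny.

```python
import re

# Constructed sample of `ufw status` output taken on the dedicated (origin) server.
# 203.0.113.10 is a placeholder for the front VPS; the ports are placeholders too.
SAMPLE_UFW_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       203.0.113.10
27015/udp                  ALLOW       203.0.113.10
27016/udp                  ALLOW       Anywhere
27015/udp (v6)             ALLOW       Anywhere (v6)
25565/tcp                  DENY        Anywhere
"""


def exposed_rules(status_text, proxy_ips):
    """Return (destination, source) pairs that accept traffic not coming from the proxy.

    Only explicit ALLOW/LIMIT rules are inspected; the default incoming
    policy is assumed to be deny and is not read from the output.
    """
    if not status_text.lstrip().startswith("Status: active"):
        # With the firewall off, every listening service is reachable directly.
        return [("*", "firewall inactive")]
    findings = []
    for line in status_text.splitlines():
        # ufw separates its three columns with runs of two or more spaces.
        cols = re.split(r"\s{2,}", line.strip())
        if len(cols) != 3 or cols[1].split()[0] not in ("ALLOW", "LIMIT"):
            continue  # header, separator, blank line, or a DENY/REJECT rule
        dest, _, src = cols
        if src.replace(" (v6)", "") not in proxy_ips:
            findings.append((dest, src))
    return findings


if __name__ == "__main__":
    for dest, src in exposed_rules(SAMPLE_UFW_STATUS, {"203.0.113.10"}):
        print(f"directly reachable: {dest} from {src}")
```

A host firewall only drops packets after they have arrived, so a clean result shows the origin cannot be used directly, not that its uplink can absorb a flood aimed at its address.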
