Questions about DDOS protection

[984]

I've been thinking about opening a website/online service recently however I'm pretty paranoid about things like DDoS attacks. I get that Cloudflare or some other WAF is essential but what sort of configurations do you recommend on your WAF? I also believe you can do some stuff to mitigate or limit DDoS attacks from the server but I'm pretty clueless about that too. Any input would be appreciated :)

CONFIRM WITH ME ON SITE BEFORE ANY DEALING!
IMPERSONATORS ARE LURKING
ALWAYS CONFIRM ON SITE WITH CRACKED.IO/KUROCRACKS
MY CURRENT TELEGRAM IS @KuroCracks

ULTIMATE DOXXING/OSINT TOOL: HTTPS://OSINTCAT.COM

[308]

Bump would also like to know

[984]

This is a bump

CONFIRM WITH ME ON SITE BEFORE ANY DEALING!
IMPERSONATORS ARE LURKING
ALWAYS CONFIRM ON SITE WITH CRACKED.IO/KUROCRACKS
MY CURRENT TELEGRAM IS @KuroCracks

ULTIMATE DOXXING/OSINT TOOL: HTTPS://OSINTCAT.COM

[56]

From my experience, working at a place that is sometimes on the receiving end of DDoS attacks - it's pretty much impossible, unless you sign up for an expensive service like Cloudflare. Even then, it's not guaranteed if your public IP is found out. The problem with DDoS attacks is that they can be purchased as an on-demand service that utilise botnets. Most likely any mitigation your ISP can provide wouldn't be enought to protect against the multiple GB/s data that a DDoS attack overloads you with. Once your Internet connection is overwhelmed, you're done for until it ends.

[984]

What would you personally recommend in the way of mitigation? I know a fair amount of services like to flex that they are "unhittable" (doubt) or some stuff along those lines and I'm wondering how these people are actually going about making their websites as difficult to attack as possible. Is it really just paying a bunch of money for a WAF?

CONFIRM WITH ME ON SITE BEFORE ANY DEALING!
IMPERSONATORS ARE LURKING
ALWAYS CONFIRM ON SITE WITH CRACKED.IO/KUROCRACKS
MY CURRENT TELEGRAM IS @KuroCracks

ULTIMATE DOXXING/OSINT TOOL: HTTPS://OSINTCAT.COM

[984]

This is a bump

CONFIRM WITH ME ON SITE BEFORE ANY DEALING!
IMPERSONATORS ARE LURKING
ALWAYS CONFIRM ON SITE WITH CRACKED.IO/KUROCRACKS
MY CURRENT TELEGRAM IS @KuroCracks

ULTIMATE DOXXING/OSINT TOOL: HTTPS://OSINTCAT.COM

[15]

ty

[458]

I've been thinking about opening a website/online service recently however I'm pretty paranoid about things like DDoS attacks. I get that Cloudflare or some other WAF is essential but what sort of configurations do you recommend on your WAF? I also believe you can do some stuff to mitigate or limit DDoS attacks from the server but I'm pretty clueless about that too. Any input would be appreciated :)

Hi, look into iptables. many people use iot nets so they will have a lot of unique ips. Also some layer7 methods tend to use obvious methods such as using blackberry user agents (nobody uses blackberries anymore so u can just block the user agent completely on your waf)