: DDos Mitigation Services Any have any experience using these? And what are the pro's and cons? Can you expect a high level of false positives? Are they 100% effective?

@Nimeshi995

Disclosure: A family member works for Adversor.

There is no such thing as 100% DDoS protection at the minute (unless someone has more computing power than the rest of the world combined).

Some offer a range of Reverse Proxies, some use adaptive black/white listing (sometimes teaming up with other services for more accurate lists - distributed DDoS protection if you like) and the finally some use application firewalls.

Generally as long as you have protected against Slowloris, then your next port of call would be to look at an Application Firewall and bot-proof forms (but this requires a development style that works in tandem otherwise you'll create customer facing DoS situations not solve them).

Reverse proxies will help in the case of a DDoS (especially if they are Geo targeted so only one region would be affected). Be warned that you'll have to invest some time checking the HTTP requests/responses work properly. A lot of DDoS protection services will only point FastFlux DNS records towards their servers after a DDoS attack has been detected (to keep running costs down) so expect a bit of downtime during the switchover.

Many Webmasters with high(ish) profile sites and a low budget (generally on a single server) will just protect against Slowloris and then use code-level protection instead of application firewalls. If they need to scale, reverse proxies from a non-DDoS Protection provider (i.e. a CDN) can be most cost effective, flexible and withstand more traffic.

However if you have the budget/server-sprawl/awkward-development and want more peace of mind, you can outsource it to a specialist DDoS Protection service.

Vote Up Vote Down