DDoS Protection

DDoS Protection protects your servers, websites or services from so-called distributed denial-of-service attacks. These attacks aim to overload your systems or services with mass requests and make them unavailable. Our protection solution detects and blocks such attacks in real time - automatically and without manual intervention.

DDoS protection increases the availability, security and therefore the reputation of your IT infrastructure - especially for publicly accessible services such as websites, stores, game servers, APIs or email systems. As attacks are often automated and carried out by large botnets, countermeasures are becoming increasingly important.

Protection against outages

A DDoS attack (Distributed Denial of Service) aims to flood a server with masses of requests until it becomes unreachable. Without protection, the affected service becomes inaccessible to real users and can often only be restored with the help of the provider.

Avoiding loss of revenue

Particularly in the case of online stores or SaaS services, any outage can cause direct financial damage through lost sales, lost leads or loss of image.

Our solution constantly analyzes incoming traffic for anomalies (sensoring). As soon as an attack is detected, the malicious traffic is redirected via our Scrubbing Center, normalized and only legitimate traffic is allowed through to the target system. This happens within seconds without affecting your services. In some cases, it may be necessary to route the traffic permanently via our Scrubbing Center - this is known as permanent mitigation.

Our DDoS Protection protects against, among other things:

• Volume-based attacks (UDP floods, amplification)
• TCP attacks (SYN flood, RST flood)
• DNS or NTP attacks
• Mixed vector attacks (complex mixed attacks)
• Targeted attacks on individual services (mitigation templates)

A mitigation template specifies the rules within the DDoS scrubbing center according to which the traffic is filtered in the event of an attack. In order to enable the most effective filtering of attack traffic, it is advisable to only operate services of the same type per IP. For example, if you host several game servers of different games on one server, you should group them by IP. With our cheapest tariff (Bronze DDoS Protection), you do not have the option of selecting the mitigation template. Here, only a generally valid DDoS protection template is active, which filters for common standard DDoS attacks. If you opt for our Silver DDoS Protection, you can choose from our predefined filter templates for each server IP. These were created in advance by our DDoS specialists. It is not possible to customize these filter templates. If suitable filter templates are missing for your service, our support team can create a customized filter template for a fee. The Gold and Platinum DDoS Protection tariffs include an individual filter template tailored to your needs. Our DDoS specialists create a new filter template to optimally protect your services against manipulation from the Internet.

If you only rarely expect an attack and your services are not business-critical, our Bronze or Silver DDoS Protection is absolutely sufficient in most cases. If you operate critical services that require an individual filter option, our Gold and Platinum tariffs would be the right choice. Our DDoS specialists will be happy to advise you!

The whitelisting and blacklisting of IP addresses always requires an individual mitigation template. This function is therefore only available with our Gold or Platinum DDoS Protection packages.

Geo-IP (short for geolocation via IP address) refers to the technology used to determine the geographical location of a user based on their IP address. This works by comparing the IP with large databases that assign countries, cities or providers to IP blocks. An individual mitigation template is required to exclude certain countries for your service. We will be happy to work this out for you with our Gold and Silver DDoS Protection tariffs.

With permanent mitigation, traffic is always routed via our scrubbing center (not just in the event of an attack). This procedure may be necessary in the event of frequent, recurring attacks. It can also be used for testing purposes, for example to optimize filter templates or to check whether the DDoS protection solution is filtering too much traffic or whether the filters need to be adjusted.

Basic protection is included free of charge with many of our vServer and dedicated products. For particularly sensitive applications, we offer extended protection packages with more capacity, longer mitigation or individual filter templates.

No - We do not currently offer granular filtering on layer 7 (e.g. HTTP traffic) with our DDoS protection solution. However, we do provide HTTP flood defense and HTTP connection defense, which offers a kind of basic protection for websites. We also check the data traffic for botnet traffic via an IP reputation database. A web application firewall with SSL offloading is required for complete HTTP protection. This can be booked as part of our firewall tariffs. The WAF also provides basic protection against SQL injections and cross-site scripting attacks.

No, our DDoS protection solution is not billed according to traffic volume or mitigation time. There are no additional hidden costs. However, frequent, highly targeted attacks may require an individual filter template and therefore a tariff upgrade.

Yes - it is possible to use webhooks to receive an automatic notification from our sensors about ongoing DDoS attacks. The following notification methods are currently supported:

• Email notification
• Individual webhook
• Discord webhook
• Mattermost webhook
• Slack webhook
• Telegram bot The messages can be customized using predefined variables. We also offer real-time information about ongoing attacks in our server management.