Strict Anti-DDoS filtering is a Clouding option for those servers that receive a large number of DOS (Denial of Service) or DDoS (Distributed Denial of Service) attacks on a very regular basis.
For which services is it recommended to activate it?
In our experience, the servers that are most affected by constant attacks are some online game servers or services such as TeamSpeak; although it can also be useful for other types of servers if they are subjected to a large number of DDoS attacks.
Can I enable Strict Anti-DDoS Filtering for my server if I do not receive regular attacks?
You can enable it, but we do not recommend it.
When Strict Anti-DDoS Filtering is active, the traffic going to your server is always filtered. This can have adverse effects for many types of protocols or services, so we recommend enabling this option only for those servers that really need it.
What services hosted on my server might strict filtering interfere with?
Usually, it can interfere with those services that can generate a large volume of UDP or ICMP traffic:
- VPN servers (Especially those using UDP protocols).
- DNS servers
- RDP servers (RDP protocol will only work in TCP mode, not UDP)
- Monitoring (May occasionally interfere with ICMP traffic)
Is there any additional cost?
No, there is no additional cost to activate this option. In the end, the difference between our Anti-DDoS protection system - which is by default active for all our customers - and strict filtering, is the level of sensitivity of the Anti-DDoS system.
Is my service still protected by an Anti-DDoS system if I do not activate this option?
Yes, all Clouding servers include Anti-DDOS protection. In order not to interfere with the proper functioning of the services hosted on your server, the protection system is usually in "sleep" mode and is only activated when unusual traffic directed to your server is detected.
What is the difference between normal filtering and strict filtering?
All Clouding Cloud Servers include Anti-DDoS protection, but in normal mode, this protection is in "sleeping" state. The traffic coming to your Cloud Server from the Internet is continuously analyzed and only if unusual traffic is detected, the filtering mode is activated. This is done to minimize false positives that can lead to filtering and that could affect the proper functioning and performance of your Cloud Server.
When a server has Strict Anti-DDoS Filtering enabled, traffic is always filtered by our Anti-DDoS systems. This greatly reduces the DDoS traffic that the Cloud Server can receive and at the same time reduces the reaction time of the Anti-DDoS system. But it also leads to a higher number of false positives that could affect the proper functioning of some applications or services hosted on the server.
Can I disable and enable the Strict Anti-DDOS Filtering service for my server?
No, since to activate or deactivate the Strict Anti-DDoS Filtering it is necessary to change the IP of your Cloud Server -since the IP ranges of strict filtering are different- and therefore it is not a change that can be made at any time.
But on the other hand, you can clone your Cloud Server and when creating the copy of it, you can choose whether to enable or disable Strict Anti-DDOS Filtering for your cloned server.