0
0
I'm a real noob in "server discussions".
Im running game servers on Debian 8 but the datacenter doesn't provide physical firewall, So Im looking for a way to make my servers ddos protected, I did blocked all ports except SSH Port, GameServer Ports, FTP Port, MySQL Port and HTTP Port..
I also changed SSH Port so It's harder to attack my server using SSH Port.
Server only returns ping when I ping it on GameServer port, SSH port, HTTP Port and FTP Port, other ports are blocked or only reachable from the localhost.
My questions are:
- Is there any way to hide my server IP and list the server with domain?
- Is there any way to use CDN on a gameserver?
- What else can I do to make my server more protected?
Thanks for your answer, My clients are from Iran, I have to provide them low ping servers, since they have bad ping on every country except Iran, I can't rent a server from Kimsufi or somewhere like that, Renting a server with physical firewall and DDoS Protection is go expensive in Iran, The best thing they can do is set a rule to make server Iran Access everytime it get attacked. Can u gimme a link about OpenVPN Software Firewall ? Your answer where helpful thanks <3 – DarkSuniuM – 2017-06-29T13:06:18.820
OpenVPN is not a firewall, it's a Virtual Private Network (VPN) software - basically a soft that will emulate a LAN over the Internet. Bad idea if your users need low-ping server, since it just adds the overhead of encryption and encapsulation. It's not easy to set up, I suggest you google for a tutorial if you're still interested. As for good firewalls I don't think any is better than
iptables
without also affecting performances. Just don't forget to make sure you apply rules to bothiptables
andip6tables
and that they are persisted. – Nathan.Eilisha Shiraini – 2017-06-29T13:21:56.833I know, I used word Firewall cause u said it has some functions to do something like firewall does :D. about
iptables-save
, I didn't use this command but rules I set were working!! Is it Ok If I set connection limit all connected IPs ? is it possible ? and does it helps me ? – DarkSuniuM – 2017-06-29T13:51:51.927You don't nedd
iptables-save
to apply the rules, but you need it to prevent your server form forgetting them when it reboots. As for OpenVPN, its anti-DDoS protections only apply to itself, and add to the already heavy overhead of the VPN. – Nathan.Eilisha Shiraini – 2017-06-29T13:57:24.1201DDoS protection will not prevent a DDoS attack 100% of the time. So your server or service can still be the victim of a DDoS attack. If it happens you deal with it. – Ramhound – 2017-06-29T14:28:51.727