I suggest you ...

Cloudways should add DDoS protection service

DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

293 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    planned  ·  AdminCloudways (Admin, Cloudways) responded  · 

    After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

    We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

    Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

    Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

    Cloudways Team

    41 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Sam commented  ·   ·  Flag as inappropriate

        I am using cloudflare and they are pros when it comes to DDoS.

        What was the difficulties with Cloudflare? Please elaborate.

      • Woorkup commented  ·   ·  Flag as inappropriate

        I agree with Michael. I think it also needs to be affordable. Sucuri + KeyCDN would be a better solution.

      • Michael Dorchain commented  ·   ·  Flag as inappropriate

        For small to medium traffic, I'm pretty sure Cloudfront will be a more cost efficient solution for most. For this add-on to be successful it needs to be affordable. If the add-on it doubles or triple the hosting cost it will probably not get so much traction. Hosting + Security still need to remain below the price of a fully managed premium hosting for it to be interesting.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Securi is great, have used it did 2 years and been very happy. But only works with Wordpress, will the service you offer will them work for any software installed like magento prestashop etc

      • Marcus Stafford commented  ·   ·  Flag as inappropriate

        I've always found Securi to be wanting in the malware detection game.

        I've used it, albeit the free version, on dozens of sites and it never finds the malware file I've uploaded as a test. It always gives a clean bill of health

      • AdminCloudways (Admin, Cloudways) commented  ·   ·  Flag as inappropriate

        After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

        We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

        Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

        Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

        Cloudways Team

      • Anonymous commented  ·   ·  Flag as inappropriate

        cloudways could alternatively implement dropping packets from IPs that persist say more than 20 requests per specific amount of time

        keeps networking simpler and removes another layer of complexity.

      • Matt commented  ·   ·  Flag as inappropriate

        CloudFlare is a steaming pile of crap.

        Just surfing behind a proxy, you'll encounter many websites behind the 5-10 second wait time while they verify. I do not recommend building an internet that supports the Cloudflare inefficiency.

      • capflam commented  ·   ·  Flag as inappropriate

        I'm all for DDOS protection but please NOT Cloudflare. What a horrible service. When I tried Cloudflare Pro, my site was down many times a day, while the server was up and running fine.
        I know a lot of others who had the same issues.
        Not to mention a drop on Google when I added Cloudflare, all went back to normal when I removed Cloudflare.

        Additionally, DDOS attacker know very well how to workaround Cloudflare, it's so easy. There are Cloudflare resolvers everywhere and any kid with a computer knows it.

      • AdminCloudways (Admin, Cloudways) commented  ·   ·  Flag as inappropriate

        Thanks Paul for your comments and graph.

        Here we are discussing more about security than performance. It is because of this we are researching Cloudflare as an option.

        For CDN and speed, we are most probably going to implement MaxCDN as an add-on https://cloudways.uservoice.com/admin/forums/203824-service-improvement/suggestions/6040498-offer-cdn-services-as-an-add-on. We are currently going over API.

        Cloudways Team

      • Paul Braren commented  ·   ·  Flag as inappropriate

        Another approach would be partnering with AWS CloudFront and their CDN, if they're willing to handle DDoS protection too, see http://aws.amazon.com/security/. Also nice if using zone apex that Route 53 offers, see http://aws.amazon.com/route53/faqs/ (so you don't need the www).

        I temporarily tested AWS CloudFront to run my entire site a couple weeks back, so an nslookup on my site name would show a CloudFront pool of IPs. In the end, we got tripped up with .htaccess issues, and simply ran out of time to resolve it (.htaccess issues were resolved by Cloudways support)

        When it was up for a few days though, the speed was excellent, and much improved outside of north america. See this network diagram and follow the numbers to (hopefully) understand make what I'm describing a bit clearer:
        https://cdn.tinkertry.com/files/This-is-how-AWS-CloudFront-is-seamlessly-and-securely-serving-up-all-of-tinkertry.com-sanitized.png

        Using AWS CloudFront had the nice side effect of automatic CDN'ing of all my site's images, without any re-coding. That also meant URLs then never needed a CNAME like cdn.tinkertry.com/path/filename.png , instead, simply tinkertry.com/path/filename.png worked fine.

      • AdminCloudways (Admin, Cloudways) commented  ·   ·  Flag as inappropriate

        We are considering partnering with Cloudflare and offer it as an application add-on (similar approach we have taken with New Relic and will take with MaxCDN).

        At application tab level, you will have the option to enable it (Free or paid Pro version) or disable.

        Let us know your thoughts.

        Cloudways Team

      Feedback and Knowledge Base