NEWSVultr Kubernetes Engine is Now Generally Available

Article

Table of Contents
Theme:
Was this article helpful?

3  out of  6 found this helpful

Try Vultr Today with

$50 Free on Us!

Get started now
Want to contribute?

You could earn up to $600 by adding new articles.

Learn more!

Vultr DDoS Protection

Last Updated: Thu, Jan 13, 2022
FAQ

Introduction

Vultr's native DDoS mitigation system adds an extra layer of protection to keep your hosting infrastructure online and operating even when they are the target of attacks. You can secure your website from DDoS attacks in minutes with our automatic DDoS mitigation service, which is available in all our worldwide locations. Our system monitors network traffic and routes malicious activity to our attack mitigation farm after a DDoS event is detected, generally within 60 seconds.

Vultr's native DDoS mitigation system protects your cloud server without increased latency or routing your traffic to a third party. DDoS protection adds 10Gbps of mitigation capacity per instance and safeguards all attached IPv4 addresses.

If you use Vultr DDoS protection, you must also use Vultr's DNS nameserver: 108.61.10.10

Frequently Asked Questions

What types of servers can be protected?

DDoS Protection is available for Cloud Compute and High Frequency Compute instances. It's included at no charge for single-tenant cloud customers who use Dedicated Cloud instances.

Do I need to do anything to my server after enabling DDoS Protection?

Your server must use Vultr's recursive DNS resolver to be protected. By default, server instances at Vultr automatically use our DNS resolver via DHCP. If you have modified your server's network configuration, please verify your DNS resolver is 108.61.10.10. See our article about Vultr's DNS servers to learn more.

How does DDoS protection work?

Vultr's DDoS system works by dynamically routing traffic from your server when an attack is detected. Attack detection is fully automated based on proprietary detection algorithms, filtering attack traffic while clean traffic can reach your servers.

How is traffic filtered during a DDoS attack?

When a DDoS attack is detected, incoming traffic is re-routed to our Attack Mitigation Farm (AMF), which filters traffic based on specific attributes of the current attack. Clean traffic is tunneled directly to your server in the same data center, ensuring that no packets ever leave our premium low-latency network as one might typically encounter with a 3rd party DDoS Mitigation service provider.

What IP protocol layers are supported by DDoS protection?

Our DDoS protection works against Layer 3 and Layer 4 attacks.

Does Vultr protect against both TCP and UDP attacks?

Yes.

Does Vultr monitor 3rd party IP space (Customer announced IP space) for attacks?

Yes, we monitor all IP space for attacks, but DDOS mitigation is only performed for Vultr IP addresses. Additionally, we monitor third-party IP space, which is eligible for automated temporary null-route protection if an attack exceeds specific heuristics.

In which locations is DDoS Protection available?

DDoS Protection is available in all Vultr locations.

Interested in protecting against even larger attacks than 10Gbps?

Coming Soon - We will be offering higher protection levels as an add-on subscription in the future.

Want to contribute?

You could earn up to $600 by adding new articles.

Submit your article Suggest an update Request an article