Network
      Back to home
      1. Help Center
      2. Product Docs
      3. Network

      DDoS Protection

      Generic DDOS protection is active by default for every server at no additional cost.

      What is a DDOS attack?

      Distributed Denial-of-service (DDOS) is a type of cyber attack when multiple compromised servers are leveraged to attack a targeted system in order to disrupt its normal traffic, service or network by overwhelming the targeted system or its surrounding infrastructure with a flood of Internet traffic.

      What are the most common DDOS attacks?

      There are two most popular DDOS attack methods to disturb a server: SYN flood and Amplified.

      SYN flood is a form of DDOS attack when an attacker sends a succession of SYN requests to the targeted system, in order to consume enough server resources to make the system unresponsive to legitimate traffic.

      DNS amplification is a form of DDOS attack when an attacker exploits DNS server vulnerabilities, in order to send relatively small queries and elicit exponentially larger payloads, which are then directed to the targeted system.

      What is generic DDOS protection?

      Generic DDOS protection is an automated protection system that monitors each and every server on a network level. It is enabled by default and comes with no additional cost to the user.

      The traffic of every server is being scrubbed from NTP, SSDP, CharGen, DNS and several others well-known DDOS attack vectors. In addition to this, Cherry Servers network is being monitored 24/7 by seasoned network engineers, who are ready to react manually with any means necessary to preserve seamless network operations.

      DDoS protection with Third-Party services

      If you require additional DDoS protection, we recommend integrating a third-party service like Cloudflare with Cherry Servers. For example, by using Cloudflare's DDoS protection for website filtering, we can restrict incoming traffic to your server to originate only from Cloudflare. This service can be implemented for an additional fee.

      How do we protect the world from DDoS attacks?

      We automatically drop requests that are coming from IP addresses which are listed in Spamhaus and some other advisory "drop all traffic" lists. You server traffic can also be temporarily suspended due to an unusually high amount of outgoing packets per second.