Hi. I have found mixed responses about this so as of now I am not yet sure of whether DO currently has DDoS mitigation or not. I have a managed Kubernetes cluster (DOKS) with a load balancer. At the moment the load balancer is behind Cloudflare but Cloudflare adds latency since it’s a proxy. Things like Argo didn’t seem to help.

So, are these load balancers protected from DDoS attacks? Do I still need Cloudflare or can I do without?

Thanks in advance

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hello, @vito

DigitalOcean have DDoS protection on data center level however you still need to implement some security/firewall rules in order to protect your server from DDoS attacks. You can install some additional software like CSF (Config server level) or just implement some iptables rules.

You can check our tutorial on how to mitigate DDoS attacks with CloudFlare

https://www.digitalocean.com/community/tutorials/how-to-mitigate-ddos-attacks-against-your-website-with-cloudflare

You can also check our Cloud Firewalls:

DigitalOcean Cloud Firewalls, which are free of charge.

DigitalOcean Cloud Firewalls are a network-based, stateful firewall service for Droplets provided at no additional cost. Cloud firewalls block all traffic that isn’t expressly permitted by a rule, in other words, the traffic is blocked before it even reaches your Droplets, which means less load to your Droplets.

Hope that this helps!

Regards,
Alex

by Mitchell Anicas
CloudFlare is a company that provides content delivery network (CDN) and distributed DNS services by acting as a reverse proxy for websites. CloudFlare's free and paid services can be used to improve the security, speed, and availability of a website in a variety of ways. In...
  • Hi, thanks for your reply. In the meantime I also contacted support and they recommended I keep Cloudflare… It would be nice if all the products were protected by DO already. Many other providers have this sort of mitigation already.

    Thanks

    • Hello,

      I will also recommend you to keep CloudFlare enabled. If you double check the tutorial I’ve sent you earlier it is really handy when it comes to tighten up the security on your droplet. Also the DigitalOcean Cloud Firewalls are awesome product and they are free of charge.

      Regards,
      Alex

Submit an Answer