Is it okay to say your VPS IP?

[ReidTJ 1]

I was about to ask for a modified global_crumbs, but then I thought it may be bad to say your VPS IP. Can anyone attack my servers with my VPS IP?

[Ben 68]

Hiding your VPS' IP address is just security through obscurity and it's reccomended you always steer clear of these approaches, even though quite often they might be worth implementing anyway.

Ultimately your CPPS has a game client, which must connect to a game server, you can't hide the address. What you can do is make use of a reverse proxy to try and filter attacks, there are services online (which you pay for), which offer "DDoS protected" reverse proxies, as you would be pointing your game client to the proxy address, you would, in essence, be "hiding" your real game server IP.

There are also virtual server hosting providers such as OVH who provide DDoS protection as part of all of their plans (paid for by distributing the cost across all of their customers). Beware though, lots of hosting providers claim to be able to protect you from attacks, but can't, make sure to read up on reviews before getting ripped off.

You should read up on how to secure linux servers from different types of attack, before trying to setup any services which you run publicly, it only takes one google search to find out how to do things the correct way, and of course you're always welcome to make support topics here if you're stuck with anything.

[Codey 16]

If it does not have DDoS protection it can be attacked very easily using $5 booters. If you're owning a CPPS, it's very easy to fetch your IP and port using a packet editor.

 

You should also install software like fail2ban to block SSH bruteforce attempts.

Edited June 26, 2017 by Codey

[Codey 16]

1 minute ago, Ben said:

Hiding your VPS' IP address is just security through obscurity and it's reccomended you always steer clear of these approaches, even though quite often they might be worth implementing anyway.

Ultimately your CPPS has a game client, which must connect to a game server, you can't hide the address. What you can do is make use of a reverse proxy to try and filter attacks, there are services online (which you pay for), which offer "DDoS protected" reverse proxies, as you would be pointing your game client to the proxy address, you would, in essence, be "hiding" your real game server IP.

There are also virtual server hosting providers such as OVH who provide DDoS protection as part of all of their plans (paid for by distributing the cost across all of their customers). Beware though, lots of hosting providers claim to be able to protect you from attacks, but can't, make sure to read up on reviews before getting ripped off.

You should read up on how to secure linux servers from different types of attack, before trying to setup any services which you run publicly, it only takes one google search to find out how to do things the correct way, and of course you're always welcome to make support topics here if you're stuck with anything.

would also like to mention https://bitmitigate.com/ which offers a free anycast CDN which caches static content, and reverse proxies for a cheap price, both DDoS protected.

[ReidTJ 1]

20 hours ago, Codey said:

would also like to mention https://bitmitigate.com/ which offers a free anycast CDN which caches static content, and reverse proxies for a cheap price, both DDoS protected.

For Bitmitigate, do I have to get Game Servers or can I get websites?

[Codey 16]

1 hour ago, ReidTJ said:

For Bitmitigate, do I have to get Game Servers or can I get websites?

For your game servers, you can get the reverse proxies, while you can get the CDN for free.