DDoS Protection

DDoS (Distributed Denial of Service) attacks have been on the increase recently. These involve remote-controlled networks of compromised computers ("botnets") overloading services on a server by sending a huge number of requests. We offer an anti-DDoS filter for all of our root server, managed server and dedicated server solutions. This filter is activated automatically as soon as your server experiences an unusually large number of incoming packets or an equivalently high bandwidth of traffic from the Internet.

The following diagram illustrates how our DDoS filter works to block attacks.

Schutz vor DDoS

If no attack is taking place, traffic from the Internet is routed directly to the servers via the routers. Traffic is analysed on the routers to identify potential attacks.

If an attack is detected, the routers then redirect Internet traffic to pass through the DDoS filter. This filter blocks packets marked as "bad". "Good" packets are routed to servers after passing through the DDoS filter. This ensures your server stays available.

Once the attack dies down, traffic is once again routed directly to your server by the routers.

The bandwidth available to you on the DDoS filter depends on your specific package. The minimum bandwidth, which we provide to you free of charge, is 5 Gbit/s.