[youssefbasha]

Hello,
Recently i got an idea in protecting my servers more than enough so what do you recommend? Fail2Ban or DDoS Deflate?
Note that i was securing my servers by changing the ssh port and using vnstat/ip tables to block ddos ips
After reading some information about both of these scripts i see that DDoS deflate is better because its sending emails but i think that i have to setup mail server first.
I didn't post this in VPS Support because its not something connected to my VPS, My friend got some problems and i was helping
Tell me your experience with them

[chanalku91]

For DDOS protection I have used Config Server Firewall + Ipset , and the security is that I use OSSEC and Snort!

There is no software that really protects your server from advance attacks, you must use the services of the expert

[fChk]

Hello,
Recently i got an idea in protecting my servers more than enough so what do you recommend? Fail2Ban or DDoS Deflate?

Protecting against what exactly?.. Both tools are just shields against brute-force attacks. If that's what's bothering you then yes, they can be useful. The downside is that they will be eating on your VPS's resources; hence the tough choice.

After reading some information about both of these scripts i see that DDoS deflate is better because its sending emails but i think that i have to setup mail server first.
I didn't post this in VPS Support because its not something connected to my VPS
Tell me your experience with them

Fail2ban can send you an email too if configured!! and that should not be what should motivate you for either one of them. They both look for abusive IPs based on different approaches:
> scanning the logs of predefined services (for fail2ban) or
> periodically running a netstat command via a cron job (for the DDoS defalte script.)

The objective criteria that should tip the scale for one or the other should be how much resources each one of them consumes to get the same job done? and well that job is achieved?

I never(/and hopefully ever) needed them before, but looking at their MO(/modus operandi) I would lean towards the DDoS deflate script as the better one of the two, but would like to see the input of those who did use it on live systems.

[youssefbasha]

Well, some days ago a friend asked me for help.
He is using VPS to host his samp server, someone ddosed him but the server just restarted while the vps was totally fine.
I recommended fail2ban and ddos deflate to him but i want to make sure whats better in protecting things like game servers

[tryp4vps]

Personally I would recommend Fail2Ban.

Because my secure servers have Fail2Ban running for many years without any issues.

So I think it should be good enough for most VPS administrators including those running game servers.

[hamed]

It is better to install csf firewall on Linux and prevent hacker attacks
you can find this firewall in google with first search . u can do it with fail2ban . and host ip blocker ... i like host ip blocker bcs he know all bots ips and attackers ips and vpn's ips ... good luck

[humanpuff69]

i use fail2ban before and when my server got extremely high traffic the fail2ban service suddenly go to 100% cpu maxing out the cpu and making the server extremely lag

now i dont use fail2ban anymore because i forgot and have no time to use . also it can cause issue when i didnt enter the correct password . i know this is brute force preention but it used to screwed me

[LightDestory]

I suggest Fail2Ban because it is very easily configurable, you can create custom jails for your need and if you use UFW firewall you will get a nice combo

[youssefbasha]

Well, what @chanalku91 said really helped us!
The solution was to configure the firewall with the right rules, dedi server is now up for about 4 hours and no ddos signs.
I will check the dedicated server for 24 hours to know if its safe now or the ddos just stopped for some time

[humanpuff69]

I suggest Fail2Ban because it is very easily configurable, you can create custom jails for your need and if you use UFW firewall you will get a nice combo

yeah it is a nice combo until you put incorrect password 3 times and it lock you from the vps . i even attempt to contact the support because of that and turned out it is because of fail2ban . and my workaround is to use a VPN or restart the router . also fail2ban can make the cpu 100% maxed out

it is a great protection . but it have tradeoff