I have a Game Server from OVH it is a I7-6700K, 64GB RAM, 1GB/s unmetered. This is my firewall setup
I thought OVH dedicated game server is supposed to protect against ddos? I guess not?
I was really looking into OVH for Ddos protection, but looks like that’s not working out for people here. And judging from the forum OVH will not help you if you need support.
i am a old user of ovh, and the last mounth they have a breach in antiddos, and atackers founded it
suport is bad
i am looking for other host
Thanks for sharing this experience. Hopefully everyone who sees this will stay away from OVH if they care for support. Or hopefully OVH will see this and either start responding to customers, or explain why they never respond ,e.g. They will only respond if you pay for 1 year of support. So people get an expectation. But as of now, it feels risky to engage with OVH because you can’t get in contact with a real human for even a simple question. I get why we need to pay for support because they need to make money, but if we need to pay 12 months of support just to ask a simple few questions before moving your server over to OVH, then I think there are potential customers that are lost.
Advice to OVH
- allocate some good staff just to answer basic questions that help people get on board.
- Don’t make people commit 1 year for support, allow month to month.
- Give first month support free so people know what your support quality is before buying your support.
Did you find any support? Have you tried paying for their support so they will help you?
I havent payed for support, i had a ticket open and waited 4days to get a response, and the response was we have no information about this, and if we get something we will email you.
sorry about that
i found https://shikendon.medium.com/ovh-anti-ddos-firewall-best-practices-14b6014d7f9a
Due to a bug of OVH Firewall, you still need to block malformed ACK connections by using iptables:
iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
Block invalid connections using iptables