IP from ddos-guard.net to the A-records

If I add the IP from ddos-guard.net to the A-records - will the CloudFlare CDN be fully functional?

That’s up to DDoS Guard, but from their docs, they look similar to a Cloudflare setup where they manage your DNS.

I’d be surprised if it worked reliably.

This.

However, I believe Cloudflare TOS did not allow you to proxy another proxies due to obvious reasons, in fact, I would say that CF had/has some modules on their site that prevented you from using known ranges that are from competitors.

My personal advice as somebody who had dealt with DDos-Guard in the past, unless you are on the enterprise/business range, you won’t get anywhere near the advantages Cloudflare provides you with.

1 Like

Is CloudFlare better then DDos-Guard ?

But CloudFlare did not safe me from HTTP-flood attack. How can I be safed from it ?

HTTP attacks are complicated due to their nature of targeting an application and not the “network” itself, this means that any application (Layer7) firewall requires tunning in order to be efficient.

DDoS-Guard may provide you with some sensors that automatically enable the javascript/challenge page automatically, however, those are quick fixes and provide little to no security when the attacker has a more advanced attack pattern, chances are that they will sooner or later update their methodology to target DDoS-Guard, and in those cases, you are left to “luck” and the response of ddos-guard to mitigate the attack because you simply do not have the required modules/access to mitigate it yourself.

Cloudflare is not great due to the filtering that comes out of the box, this works to a very limited set of customers that are unlikely to receive attacks, those that do face attacks need to tune cloudflare settings to fit their needs perfectly.
The major feature of cloudflare is the “unlimited” amount of settings that they bring you with, in the sense that, no matter the complexity of the attack, you can pretty much tune everything to filter it out. The more complex the attack is, the more false positives you will have, however, that’s a rule with every firewall.

1 Like