Curator's defense

Curator's defense

DDoS protection in partnership with Curator is available as an optional service for Servercore products:

• Dedicated servers
• Colocation and rental of racks
• Servercore Cloud Platform
• VMware-based cloud

Curator protection works at all layers of the network model, including the application layer (L7). Additionally, WAF Curator can be connected to the service to protect against hacking of high-load web applications.

Principle of operation⁠

When ordering the service, you will be given a secure address to which you need to redirect your traffic. All traffic to the protected address is sent to Curator filtering nodes, where it is analyzed and cleaned, and then redirected to the protected server in the Servercore infrastructure.

All nodes in the Curator network operate independently of the others. If the filtering node closest to you becomes unavailable, traffic is automatically redirected to the next closest node.

Connecting the service will not protect against DDoS attacks if the attackers know the target IP address. Before connecting, you should remove all references to the IP addresses you want to protect from external resources. If the addresses are already under attack, you should order a new subnet and configure it on your servers.

Cost⁠

The cost of the service adds up:

• from the selected Curator Protection service tariff;
• the cost of additional protected IPv4 addresses if more than one IP address needs to be protected. One protected address is included in the tariff price;
• payment for additional bandwidth of cleared traffic, if it exceeds 10 Mbps;
• the cost of a new subnet if it is needed to connect the service.

The service is paid monthly on the 1st day of each month. The start of commercial use of the service is agreed individually.

View prices for Curator protection at servercore.com.

Traffic charging⁠

The filtered traffic that exceeds the 10 Mbps bandwidth is charged. To calculate the bandwidth, the average bandwidth value of outgoing and filtered incoming traffic to the protected IP address is compared every minute, and the higher of these values is taken. At the end of the calendar month 90 maximum values are discarded, then the remaining maximum value is rounded down to a whole number of Mbps. The resulting number is the value of the paid traffic bandwidth.

Attack traffic (unwanted traffic bandwidth) is not charged. For calculation purposes, the unwanted traffic bandwidth is measured every three minutes, 30 maximum values per month are not counted, the 31st maximum value is the bandwidth value.

If the attack exceeds the bandwidth provided by the tariff, the quality of traffic filtering may deteriorate. In this case, we will offer you to switch to the next tariff plan for a period of at least three months. If you do not want to switch to the next tariff plan, but want to maintain the quality of filtering, you can limit all incoming traffic, including legitimate traffic, to the bandwidth specified in the tariff.

Connect the service⁠

Before activating the service , top up the balance by the required amount.

1. If your server only has a public shared address or public IP address, or is already under attack, order and configure a new subnet.
2. Order a favor.
3. Specify a protected address in the domain's A-record.
4. Add a TLS(SSL)-certificate.

1. Order and configure a new subnet⁠

A new subnet is required if your server only has a public shared address or public IP address /32, or if it is already under attack, i.e. the target IP address is already known to the attackers.

Order a subnet and configure the address from it on the server:

• For a dedicated server, a public dedicated subnet;
• of the cloud server is a public subnet.

2. Order a service⁠

1. In the control panel, click Products in the top menu and select DDoS Protection.

2. Click Order Services.

3. In the line of the desired Curator tariff (Professional, Business, Corporate), click Pay.

4. Verify the details and click Pay for the service.

5. We will create and send a service order ticket. In this ticket, send us:

   • domain to be protected (subdomains will be protected automatically);
   • The IP address to which to send the filtered traffic;
   • email to register in Curator's personal cabinet.

6. We will process the order and send you a secure IP address in a ticket, which you will need to specify in the A-record of the domain, as well as login details for your Curator personal account. Connection takes up to one business day.

3. Specify a secure IP address in the domain A record⁠

1. Go to your domain registrar's control panel where your domain records are stored.
2. In the A record, change the value to the secure IP address that you received in the ticket when ordering the service.

4. Add a TLS(SSL)-certificate⁠

1. Log in to your personal account on the Curator website. Login and password can be found in the service order ticket.
2. Go to the Certificate storage section.
3. Click ADD CERTIFICATE.
4. If you do not have a TLS(SSL) certificate, you can issue a free Let's Encrypt® certificate that protects a single domain. To do so, open the USE LET'S ENCRYPT tab, click Next, select a domain, enter the domain name, and click CREATE CERTIFICATE.
5. If you have a TLS(SSL)-certificate or you want to protect multiple domains with the same IP address — open the UPLOAD CERTIFICATE tab, select the file and click UPLOAD.
   A certificate to protect multiple domains must be multi-domain: to protect different domains — SSL or UCC with SAN option, to protect domain and subdomains — Wildcard.

View statistics⁠

After connecting and configuring the service, you can view statistics on traffic.

1. Log in to your personal account on the Curator website. Login and password can be found in the service order ticket.

2. Go to the Reports section. Here you can view statistics on incoming and filtered traffic. You can use filters when building statistics:

   • by type (traffic, packets, requests, and so on);
   • by time (5 hours, a day, a week, a month, and so on).

Deactivate the service⁠

1. Make sure that you have reconfigured traffic reception to an address from your subnet. The protected address issued when the service was activated will be deactivated along with the protection.
2. Go to your domain registrar's control panel where your domain records are stored.
3. In the domain A record, change the value to an address from your subnet.
4. In the Control Panel, click Products in the top menu and select DDoS Protection.
5. From the menu of the service, select Disable Monthly Payment.
6. Optional: create a ticket for refunds for full unused months.