> ## Documentation Index > Fetch the complete documentation index at: https://docs.advinservers.com/llms.txt > Use this file to discover all available pages before exploring further. # DDoS Protection > This is an overview of our DDoS protection. ## DDoS Protection We only provide DDoS protection in our Nuremberg, DE location. Our Los Angeles, Miami, Secaucus, Kansas City, and Johor locations do not have DDoS protection, and may be nullrouted upon a DDoS attack. ## DDoS Protection Add-on ### Price and Availability For services in Nuremberg, we include DDoS mitigation by Avoro/Dataforest at no additional charge (this may change in the future). Services protected by Avoro/Dataforest have access to similar filters as those that are protected by NeoProtect, and have access to configurable firewall filters. ### Filters Filters are only available for servers in our Nuremberg, DE location. Currently, we provide the following filters (this may change in the future) for servers located in Nuremberg, DE: | Name | Protocol | Action | Filter | Tags | | ------------------------------------------------------- | -------- | ------ | ---------------------------------- | ------- | | SCP: Secret Laboratory | UDP | FILTER | SCP: Secret Laboratory | Default | | Arma | UDP | FILTER | Arma Reforger | Default | | Palworld | UDP | FILTER | Palworld | Default | | TeamSpeak 3 Query/Filetransfer | TCP | FILTER | TeamSpeak 3 Query/Filetransfer | Default | | AltV UDP | UDP | FILTER | AltV UDP | Default | | AltV TCP | TCP | FILTER | AltV TCP | Default | | txAdmin | TCP | FILTER | txAdmin | Default | | OpenVPN | UDP | FILTER | OpenVPN | Default | | FiveM TCP Ultra Strict | TCP | FILTER | FiveM TCP Ultra Strict | Default | | FiveM TCP Strict | TCP | FILTER | FiveM TCP Strict | Default | | Plasmo Voice | UDP | FILTER | Plasmo Voice | Default | | UDP Light Generic | UDP | FILTER | UDP Generic | Default | | HTTP | TCP | FILTER | HTTP | Default | | Minecraft Java | TCP | FILTER | Minecraft Java | Default | | any TCP application | TCP | FILTER | Stateful TCP | Default | | Source Engine / A2S | UDP | FILTER | Source Engine / A2S | Default | | FiveM TCP | TCP | FILTER | FiveM TCP | Default | | FiveM UDP | UDP | FILTER | FiveM UDP | Default | | RakNet (Rust, MC Bedrock, Terraria, 7 Days to Die, ...) | UDP | FILTER | RakNet (Rust, MCPE, Terraria, ...) | Default | | QUIC | UDP | FILTER | QUIC | Default | | DayZ | UDP | FILTER | DayZ | Default | | TLS | TCP | FILTER | TLS | Default | | TeamSpeak 3 | UDP | FILTER | TeamSpeak 3 | Default | | WireGuard | UDP | FILTER | WireGuard | Default | | any UDP application | UDP | FILTER | UDP Generic | Default | | Remote Desktop Protocol | TCP | FILTER | RDP | Default | | FiveM UDP Strict | UDP | FILTER | FiveM UDP Strict | Default | | SSH | TCP | FILTER | SSH2 | Default | ### Configuration For servers in our Nuremberg, DE location, you will have access to a tab within the VPS control panel called the DDoS Protection. ![image](https://advin-cdn.b-cdn.net/chrome_DeQxeLHg78.png) We recommend enabling "Allow Egress Traffic" and "Symmetric Filtering" if it is available in this tab. Set the "Default Action" to Drop in order to block all traffic unless it matches a specific rule. This means that if you want to allow something (like a port or app), you must create a rule for it, otherwise, it will be blocked. ![image](https://advin-cdn.b-cdn.net/chrome_28xUDSzVWc.png) Make sure to create firewall rules for each of the applications that you are running on your VPS. For example, if you have SSH on port 22, make a firewall rule with: ``` Protocol: TCP Preset: SSH (TCP) Min Port: 22 Max Port: Blank ``` You can also create port ranges. For example, if you have Minecraft Java servers running on Port 25565 to Port 25575, you can make a firewall rule like: ``` Protocol: TCP Preset: Minecraft Java (TCP) Min Port: 25565 Max Port: 25575 ``` If you do not perform these steps to add rules for each of your applications, then the mitigation will not work properly. ### Sending DDoS Attacks We strictly prohibit any form of Distributed Denial of Service (DDoS) activity toward our network, even if the target is your own DDoS-protected IP address. Launching or simulating DDoS attacks is illegal in many jurisdiction. In the United States, it constitutes a violation of the Computer Fraud and Abuse Act of 1986, and [can lead to a prison sentence, fine, or a criminal record](https://www.fbi.gov/contact-us/field-offices/anchorage/fbi-intensify-efforts-to-combat-illegal-ddos-attacks). Furthermore, purchasing access to DDoS tools or botnets is not only unethical but also contributes directly to cybercrime. These tools are commonly powered by networks of compromised devices, often without the knowledge or consent of their owners. Therefore, we highly advise against participating in sending DDoS attacks, even if it is to only test your DDoS mitigation.