Comment by plasma
4 years ago
A few suggestions:
1. Cloudflare offer TCP based DDoS protection too, see their Magic Transit or Spectrum product
2. This sucks, but put your servers behind WireGuard or Tailscale VPN so that in order to connect you need to have authenticated
As the blogpost mentions TCP is not exactly desirable for our project. Moreover, if you contact Cloudflare about those products you'll get a monthly quote that is far beyond what an open source project run by donations can sustain :)
That shouldn’t be the case. Email me if it is. I’ll make sure we help: matthewatcloudflaredotcom.
Thanks, reached out to you.