🛡
TCPShield
TCPShield is a high-availability DDoS mitigation platform.
When you use TCPShield, the IP address of your server will be hidden, thanks to the provided reverse proxy.
This way, even if you suffer a DDoS attack, all illegitimate packets will be filtered out by their protection.
However TCPShield is free only for 1 terabyte of monthly bandwidth.
You need to have a registered domain and a DNS service.
In this tutorial we will be using Cloudflare.
- 1.
- 2.After that, create a network and give it a name, like the example below:
- 3.Copy the protected CNAME provided. It should look like this: "b89c987e47b422bcee0086c857c7546117d6f901.ipv4.tcpshield.com".
- 4.Create a CNAME entry, enter the desired subdomain and the protected CNAME from the previous step.
- 1.Go to the Backends panel and create a first set of backends.
- 2.After that, go back to your network configuration and add a domain. Also define the set of backends you created in the previous step.
Enable haproxy-protocol in the advanced section

Enable the proxy_protocol option in the listeners section.

- 1.Go to nAntiBot config.yml and configure haproxy.
- 2.Reload the plugin with the /ab reload command.
In some cases it may be necessary to enable the option
adapters.handshake-data-passthrough
It is recommended to enable it in case of problems.
Test if you have configured the server correctly by putting your server's IP on this site:
https://mcsrvstat.us/

Then take the IP and dump it into your browser.
If everything is set up correctly, you will be redirected to the TCPShield home page.

Singapure:
If your TCPShield registry points to
sgp.tcpshield.net
, you must allow CIDR 15.235.145.14/32
.Last modified 8mo ago