TCPShield is a high-availability DDoS mitigation platform.
When you use TCPShield, the IP address of your server will be hidden, thanks to the provided reverse proxy. This way, even if you suffer a DDoS attack, all illegitimate packets will be filtered out by their protection.
However TCPShield is free only for 1 terabyte of monthly bandwidth.
You need to have a registered domain and a DNS service. In this tutorial we will be using Cloudflare.
- 2.After that, create a network and give it a name, like the example below:
- 3.Copy the protected CNAME provided. It should look like this: "b89c987e47b422bcee0086c857c7546117d6f901.ipv4.tcpshield.com".
- 4.Create a CNAME entry, enter the desired subdomain and the protected CNAME from the previous step.
- 1.Go to the Backends panel and create a first set of backends.
- 2.After that, go back to your network configuration and add a domain. Also define the set of backends you created in the previous step.
Enable haproxy-protocol in the advanced section
Enable the proxy_protocol option in the listeners section.
- 1.Go to nAntiBot config.yml and configure haproxy.
- 2.Reload the plugin with the /ab reload command.
In some cases it may be necessary to enable the option
It is recommended to enable it in case of problems.
Test if you have configured the server correctly by putting your server's IP on this site: https://mcsrvstat.us/
Then take the IP and dump it into your browser.
If everything is set up correctly, you will be redirected to the TCPShield home page.
If your TCPShield registry points to
sgp.tcpshield.net, you must allow CIDR