Q. How much protection is included with each server?

A. Each dedicated server includes is limited to the data center inbound bandwidth capacity for DDoS Protection as part of the standard package. We do not advertise this limit as it's constantly increasing. 

 Q. What happens when I receive a DDoS attack larger than the advertised protection?

A. If an attack exceeds the protection size, the IP being attacked will automatically be null routed for a period of 24 hours. 

Q. I am receiving random incoming spikes on my bandwidth graphs, are these attacks?

A. The random incoming spikes you are seeing are most likely related to packets that were not filtered from attacks. Due to the nature and ongoing evolution of attacks, there isn't a single ruleset that will filter all malicious traffic. Stricter rulesets usually end up filtering legitimate traffic. Some traffic may make it through, but typically never enough to flood the port. 

 Q. How can I filter out the remaining malicious traffic?

A. Most local firewalls and IPTables, if configured correctly, will only allow legitimate traffic specific to the application that you are running. Reference the specific documentation to the firewall for additional configuration details. You may also consider installing Snort for a more advanced filtering service if firewall/IP table rules will not be sufficient.