Keep your players online, even under attack.
Layer 4 filtering with 1.6 Tbps mitigation capacity. Your real IPv4 stays hidden, attacks get absorbed before they reach your server.
SYN flood · 84 Gbps
Filtered at edge in 0.8 ms
Protected node
FRA-EDGE-01Layer 4 mitigation · Frankfurt · 24/7
237 / 250
No latency spike detected
Three steps. Zero exposed IP.
Your origin server stays invisible. Attackers see only our edge.
DNS points to our edge
Players connect to a protected IPv4 we issue. Your real IP never appears in DNS, traceroutes or scans.
Edge filters at L4
Volumetric attacks (SYN/UDP/ICMP floods, amplification) absorbed in < 1 ms. Legitimate Minecraft traffic passes untouched.
Tunnel forwards clean traffic
VXLAN / GRE / WireGuard / EoIP tunnel delivers only clean packets to your origin. Players never notice the attack.
Two ways to get protected
Pick the integrated VPS, or keep your existing server and route through our edge.
Gaming VPS
Anti-DDoS active from VPS activation. No tunnel setup needed.
- Layer 4 protection always on
- AMD Ryzen CPU + NVMe storage
- IPv4 fully hidden, zero config
- Instant deployment
Remote DDoS Protection
Keep your current server, route public traffic through our protected edge.
- 50 Mbps protected bandwidth
- VXLAN, GRE, WireGuard, EoIP tunnels
- Linux, Windows, MikroTik compatible
- Scale up at €0.25/Mbps (GRE)
All prices VAT included. Custom bandwidth tiers available — open a support ticket.
Built for sustained attacks.
Volumetric, protocol-level and amplification attacks — handled at the edge.
Always-on Layer 4 filtering
SYN, UDP, ICMP floods and amplification attacks absorbed before reaching your server. No manual intervention required.
IPv4 fully hidden
Your real IP never appears publicly. DNS resolves to our protected IP, attackers can't bypass the edge.
Multiple tunnel protocols
VXLAN, GRE, WireGuard and EoIP supported. Pick the one your OS or router knows best.
Any Minecraft server
Vanilla, Paper, Spigot, BungeeCord, Velocity, Forge, Fabric — protection works at the network layer, transparent to your software.
1.6 Tbps+ capacity
Infrastructure dimensioned to absorb volumetric attacks beyond 1.6 terabits per second without service degradation.
24/7 active monitoring
Real engineers watch the edge around the clock. Detection is automated; escalation goes to humans, not chatbots.
Works with what you already run
Network-level protection means your stack stays untouched.
Minecraft server software
Tunnel protocols & OS
Frequently Asked Questions
Everything about how the protection works for Minecraft.
How does the remote tunnel work?
You set up a tunnel (VXLAN, GRE, WireGuard or EoIP) between your existing server and our edge nodes. Public traffic reaches our protected IPv4, gets filtered at Layer 4, and only clean traffic is forwarded through the tunnel to your server.
Does it work with any Minecraft server software?
Yes. Filtering happens at the network layer, so it's transparent to the application. Vanilla, Paper, Spigot, BungeeCord, Velocity, Forge, Fabric and any other variant work out of the box.
What attacks are mitigated?
All common Layer 3/4 volumetric attacks: SYN floods, UDP floods, ICMP floods, amplification (DNS, NTP, Memcached), TCP reflection and protocol abuse. Capacity exceeds 1.6 Tbps.
Will the tunnel add latency?
Detection runs in under 1 ms at the edge. With our Gaming VPS the protection is integrated and adds zero latency. With the Remote tunnel, latency depends on the distance between your origin and our Frankfurt edge — typically 1-30 ms within Europe.
Which OS and routers are supported?
Linux (Debian, Ubuntu, CentOS, Alma, Rocky), Windows Server, MikroTik RouterOS, pfSense and OPNsense — anything that speaks VXLAN, GRE, WireGuard or EoIP.
Can I add more bandwidth later?
Yes. Base plan includes 50 Mbps protected bandwidth. Scale up at €0.25/Mbps (GRE) — open a support ticket for a custom quote.
Need help configuring your tunnel? Join our Discord.
Join Discord