How mining pools protect themselves from DDOS attacks ?

[WandaCC]

I wonder how pool operators are protecting their statums addresses from DDOS attacks
I cannot find an answer on google about protecting stratum addresses from DDOS
What am I missing ? I mean they can't just manualy ban the IPs addresses which are slowing down the pool. I imagine it could give a lot of work to pool OPs no ?

Sorry for the newbie question, but as I know that some pool operator are present here, I hope that I will find a proper answer Smiley

[Kalisspera]

Also, it's not a manual ban it's automatic, even going back a decade to NOMP https://github.com/zone117x/node-open-mining-portal#attack-mitigation it had automatic banning of IPs that were causing problems. It can also be a combination using something like cloudflare as discussed above to take care of the 1st layer of attacks then something internally to filter out the rest.

[MikeBrooklyn]

I tested this a few weeks ago out of curiosity and got mixed results. Some sites were knocked offline quickly, but others stayed up, probably due to better protection. IP Stresser is easy to set up, but if you're targeting something with DDoS guards already in place, it's less effective. Also noticed some delays when switching attack methods—might be server-side lag or just heavy load.