Gcore Anti-DDoS explained: why your server stays online

DDoS attacks are the scourge of gaming communities: a dishonest competitor or a banned player can, for a few euros, rent an attack capable of taking your server offline for hours. Every one of our servers is protected by default with Gcore’s Anti-DDoS solution — here is how it works and why it changes the game.

The problem: why games are a target

A game server exposes a public IP that your players connect to. That IP is trivial to obtain (it is in the game client), and volumetric attacks can now be rented for a few dozen euros on shady marketplaces. The attacker’s goal is simple: saturate your bandwidth or your resources so that legitimate players can no longer reach the server.

Without dedicated protection, even a modest attack of a few gigabits per second is enough to drop a standard server. That is why Anti-DDoS protection is no longer a luxury but a requirement.

Always-on protection, by design

The Gcore protection we deploy is “always-on”. That means all of your inbound traffic permanently traverses Gcore’s anycast filtering network, spread across more than 180 points of presence worldwide. You have no setting to change, no button to press: protection is applied to every server by default.

This is a major difference from “on-demand” protections that only activate once an attack is detected — and therefore let through the first seconds, which are often the most brutal.

Real-time detection

The system analyzes traffic continuously. When an anomaly is detected — a sudden volumetric spike, the signature of a SYN flood, a UDP flood or an amplification attack — the suspicious traffic is redirected to the filtering platform. Detection is automated and requires no intervention from you, nor from us in an emergency.

Filtering at the edge

Once suspicious traffic is isolated, malicious packets are dropped at the edge of the network, within seconds, using mitigation rules adapted to the attack type. Only legitimate traffic actually reaches your server. The word “edge” matters: filtering happens near the source of the attack, not in front of your server, which prevents your bandwidth from being saturated.

Tuned for games

Gcore adjusts filtering for game protocols (notably low-latency UDP). The challenge is avoiding false positives: you do not want a legitimate player to be mistaken for an attacker. Good game filtering must tell apart a normal connection spike (an event opening, a forum mention) from a flood of malformed packets. That is exactly what the specialized layer handles.

Capacity without a ceiling for you

Gcore’s infrastructure absorbs attacks of several hundred gigabits per second. In plain terms: you never have to wonder whether the attack you are under is “too big”. Capacity is sized for attacks seen in the wild, not for textbook scenarios.

What you may observe during an attack

If an attack happens, it is normal to notice slightly higher latency for a few seconds — that is the filtering kicking in. Your server, however, stays available. That is the entire point: absorb rather than drop. You have no firewall to configure, no rule to enable, no panic ticket to open.

Anti-DDoS protection is one of the rare areas where “transparent” is genuinely the right word: when it works, you do not even have to think about it existing.