How WingNode DDoS protection works
A look at the multi-layer DDoS architecture: GCore Anycast edge, TNI scrubbing centers and the custom WingNode rules layer.
WingNode uses multi-layer DDoS mitigation combining industry filters with a custom rules layer. The goal: stop the attack before it reaches your server, without affecting legitimate players.
Layers of defense
1. Edge (GCore Anycast)
Your IP is announced through a global Anycast network of 150+ POPs. Volumetric traffic is spread across the closest edge and absorbed there — far from your origin.
2. Scrubbing and filtering (TNI.ro)
Hardware scrubbing centers combined with gaming presets tuned for protocols like FiveM UDP, Source Engine, RakNet (Rust), Minecraft Java and more. Each preset understands the exact shape of a legitimate packet and drops anything else.
3. Custom WingNode layer
For games where standard filters aren't enough (FiveM challenge-bypass attacks, application UDP floods), our team maintains hand-written rules that can be enabled on demand. Combined with Strict modes this handles multi-tens-of-Gbps attacks.
What is covered
- Volumetric (L3/L4): UDP flood, SYN flood, amplification (NTP, DNS, Memcached) — mitigated at the edge.
- Protocol: malformed packets, fragment floods, stateful exhaustion — blocked by the filter.
- Application (L7): HTTP flood, GoodBot, Slowloris — solved at the challenge/CDN layer.
Requesting a profile change
To switch protection profiles, open a ticket with your port and target preset. Full list in the presets catalog.