Skip to content

Instantly share code, notes, and snippets.

@Euro-pol

Euro-pol/AC_DDoS_Protection.md

Last active April 14, 2024 08:45
Show Gist options
  • Save Euro-pol/f9eef838cbd30baae46640fc5df7ef81 to your computer and use it in GitHub Desktop.
Save Euro-pol/f9eef838cbd30baae46640fc5df7ef81 to your computer and use it in GitHub Desktop.
Download ZIP
Assetto Corsa self-hosted DDoS protection tutorial (proxy)
Raw
AC_DDoS_Protection.md

Introduction

Hey guys, I've been hosting an Asseto Corsa server on my Raspberry Pi 4, but been wondering how to set up DDoS protection. I've been searching for any self-hosted proxies for AC, but couldn't find any so I dug deeper. I found out that nginx can work with UDP and TCP connections, so I'm writing this little guide.

Requirements

  • A VPS with Ubuntu Server (or similar)
  • Nginx with stream (on Ubuntu, install libnginx-mod-stream)
  • An already setup Asseto Corsa server
  • Your home server's ports open (for the AC server to be accessible)

How-to

Even if the task seems complicated, it's not long! Make sure to install nginx which I won't show how to here, but you can find great tutorials like this on the internet. When you have nginx set up, make sure that everything works, and then open the nginx.conf (usually located at /etc/nginx/nginx.conf) with any editor like nano. Scroll to the bottom, and then add the following:

stream {
    #You can also use plain IP addresses instead of domain names
    server {
        listen     3992;
        proxy_pass your.backend.com:3992;
    }

    server {
        listen     3992 udp;
        proxy_pass your.backend.com:3992;
    }

    server {
        listen     8081;
        proxy_pass your.backend.com:8081;
    }

}

Here's an explanation of that piece of code:

  • The first server statement tells our nginx server to redirect any incoming TCP/3992 traffic to our backend on port 3992
  • The second server statement does the same, but for UDP/3992
  • The third server statement redirects any incoming TCP/8081 traffic to our backend on the same port (for the AC HTTP server).

I'm using 3992 as my game ports due to my router already using the default ones

After saving that, run sudo service nginx reload and everything should work! Instead of connecting with your default link, make sure to replace the IP with the VPS server's one.

Extras

If you're using a firewall on the VPS, make sure to allow the ports you're using. Both the HTTP port (TCP) and the AC server port (TCP and UDP).

Make sure that your frontend (VPS) ports are the same as the backend (your home server) ports. Else, the game server will get confused and won't let you join.

If you want to test my server, feel free to join here (You need the DLCs for Nordschleife and BMW M4) 😃

Contributing

If you have any error or suggestion, make sure to leave it in the comments and I'll respond ASAP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment