We pride ourselves on running a very open network; however, there are two items that we police in order to protect our network and customers.
-
SSH rate-limit inbound on port 22
In order to mitigate dictionary attacks, initial connections (SYN) to port 22 are policed and allow a maximum of 15 connections per IP within 60 seconds measured as a rolling average. Exceeding this will cause the source IP traffic to be dropped for 60 seconds.
This only applies to port 22 on VM hosts (does not apply to ARP Metalâ„¢ dedicated servers and IP transit) and cannot be disabled on a per-VM basis. If it causes issues for your VM, we apologize, but you will need to assign SSH to listen on a port other than 22.
-
SMTP (port 25)
By default, for new customers, port 25 is blocked. You know why.