Про OVH antiddos уже было рассказано.
Теперь вот Hetzner

Он тоже сыплется автоматически

We have indications that your server has been attacked. Those responsible for this have been asked to solve the issue and to give us a statement on the cause of the attack.
This is an information email only and does not require any further action on your part.
In some cases such an attack can place a considerable strain on network resources and, as a result, a segment of our network can be adversely affected. In such a case the IP address of the attacked server can be blocked as a precautionary measure. You will receive a separate notification with further information if this happens.
Important note:
When replying to us, please leave the abuse ID [AbuseID:3749A7:19] unchanged in the subject line.
Please note that we do not provide telephone support in our department.
If you have any questions, please send them to us by responding to this email.

Abuse Message [AbuseID:3749A7:19]: AttackInLevel: IN Attack notification for IP 148.251.xx.xx (Router: juniper4.ffm.hetzner.de) [Network-Normal]

Пишется Router и статистика из него похоже
Ддосы в Hetzner редкое явление само по себе. Так что на пальцах могу посчитать такие вот уведомления.

Direction IN
> Internal 148.251.xxx.xxx
> Threshold Traffic 2.000 MBit/s
> Sum 92,015 GByte/300s (2.512 MBit/s), 205.328.000 packets/300s (684.426 packets/s), 8 flows/300s (0 flows/s)
> External 62.205.132.151, 92,015 GByte/300s (2.512 MBit/s), 205.328.000 packets/300s (684.426 packets/s), 8 flows/300s (0 flows/s)

В панели можно выбирать такие функции.



Настройка сама вот так. Не разу не доводилось пользоваться :)