Is there any sevice/method to ddos protect the stratum process?
Curious about this also. Services like cloudflare dont work with stratum+tcp://
Because of this it is easy for an attacker to get your direct IP since you show the stratum address publicly.
Cloudflare and others can protect only HTTP traffic. Stratum is TCP so there's no easy way of DDoS mitigation using these popular services.
I have no experience with hardware firewalls with capability of specifying application protocol filters, but from my experience the most common DDoS attack is dumb SYN flood, so any SYN flooding protection should be enough.
cant you just protect it with TCP, adding a SRV record to DNS??
cloudflare fully supports this.
I called cloudflare and they said they do not support this. They will only forward web traffic. Part of the reason might be because they only support a few specific ports.