I have a website which is under attack for 3 days.
While I can see the activity on the website session list there is no trace of attack is on the Cloudflare log.
The server’s firewall accepts requests only from Cloudflare’s ip ranges and blocks all other traffic coming from other sources.
Firewall law on Cloudflare for blocking the matching IP is not working as expected and not blocking him. As if he gets whitelisted somehow.
I can see the IP $_SERVER[‘HTTP_CF_CONNECTING_IP’] so the attack is coming from Cloudflare.
Where do I start?