May I ask what do you see under the Security → Events, for the service which was triggered ?
When you click on a particular one, does it say l7 http ddos or something else?
You should be able to see the challenged or blocked event under the Security tab → Events at Cloudflare dashboard for your zone and know exactly which security option was triggered.
Did you created a Custom WAF rule?
If so, could you share a screenshot of it?
What happens when you disable it? Does your Website work or not?
Have you got any information from your log files of your Web server about attack from the IP addresses?
no, i download wordpress theme for wordpress and make odify in site, after hosting provider says me i m under attack use please Cloudflare. and 12 hours im inder attack
Purchasing Pro plan could help to battle and prevent more attacks coming, however in long-term you might have to set some WAF rules then as follows from below posts.
If I may add here as a really good reference for further cases in terms of security and protection with Cloudflare from my colleague @jnperamo:
We can lock down our web host and allow only the Cloudflare to connect and similar techniques:
I’ve been trying to do something with the firewall for 4 hours, I blocked get and post requests, blocked the IP, but it doesn’t stop. I don’t understand much. If I buy PRO pocket, can you stop it?
From my understanding, it is nulled? If true, then it might be a reason why you got DDoS then if some script in the background is executing some bad code causing such issue
Please don’t use nulled themes or plugins due to your security and protection of your Website, hosting provider and your Website visitors in future.
Consider changing your database and user password and your WordPress user credentials, also check the CHMOD over directories in wp-content folder including all of the plugins and uploads too.
and tune-up your security settings using above posts.
