Block DDos Traffic

devops123 · January 8, 2025, 10:07am

What is the name of the domain?

kdsappliances.co.uk

What is the issue you’re encountering

Site constantly being taken down

What steps have you taken to resolve the issue?

Rate limiting
Security - > Bot

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

Site getting taken out despite being behind cloudflare, with thousands of expensive search page requests (and nothing else) in a minute from common pool of IPs from a specific country with wide array of very old and obv fake useragents.

I’ve messed about with security settings but apart from the horrible ‘Site Under Attack’ mode manually being activated I’ve been unable to mitigate.

Any advice welcome?

My plan B is is to remove cloudflare and block the whole country using IP tables.

sjr · January 8, 2025, 10:16am

A whole country block/challenge in Cloudflare WAF custom rules will do the same thing. Make sure your origin only allows access from Cloudflare IP addresses.

Check here for a good guide…

system · January 23, 2025, 10:17am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need Help with DDOS Attack: Bot Protection and Server Security Solutions Security	5	37	January 13, 2025
Help with DDos Attack Security dash-troubleshooting	24	3233	October 27, 2019
Limit all IP Addresses (free account) Security	10	51	January 26, 2025
New account not blocking traffic Getting Started	22	2659	February 25, 2020
Attack on my website by ddos Security	2	1331	February 14, 2023