Bot Attack

I’m not even sure where to begin, to be honest. It’s been one helluva day and I’m hoping to find some advice.

We sell Designer Toys. Highly sought after collectibles online. We usually sell toys on a daily basis, but every now & again we sell exclusive toys that no one else has. Today was one of those days. We knew the traffic was going to be high for the drop, but what we found was that we had the traffic PLUS this one IP address pinging our site constantly, which brought the site to its knees. I don’t know enough about this, and feel very frustrated that this has happened.

The site was down for about 90 minutes whilst the server guys at Cloudways were able to help to block this IP. In the meantime, I had to deal with angry customers trying to buy this particular toy.

I want to try to understand how to avoid this in the future. Also, was this a particular attack set directly to my site? Trying not to think too hard about it.

If anyone at Cloudflare can help, or anyone for that matter, it would be greatly appreciated.

Thanks,
Gary.


Our actual traffic wasn’t crazy tbh either; we have moments where we have 100’s of people on our site with 1000’s of page views in an hour. This particular time didn’t look crazy compared to other days where we have seen huge amounts of traffic.

Are you running a WordPress site by chance?

If yes, please see the instructions below.

  • Go to Cloudways > Application > Check Logs under the Monitoring section.

  • There you can find the top IP that is visiting a certain path, like /xmlrpc.php or /wp-login.php, unusually often.

  • Now, you can create a WAF rule to create a restriction rule.

A note: If you use Jetpack, do not block XMLRPC without whitelisting 192.0.64.0/18, or else it can disconnect the connection to WordPress.com.
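The log check described in the reply above can also be run against a downloaded access log. The following is an added example, not part of the original reply or Cloudways tooling; it assumes Combined Log Format, and the sample lines, thresholds and function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the access log is in Combined Log Format (client IP first).
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+)')
WATCHED = ("/xmlrpc.php", "/wp-login.php")
# Range from the Jetpack note above: never flag it for XML-RPC traffic.
ALLOW = {"/xmlrpc.php": [ipaddress.ip_network("192.0.64.0/18")]}

def _line(ip, method, path):
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "{method} {path} HTTP/1.1" 200 512 "-" "-"'

# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", "POST", "/xmlrpc.php")] * 6
    + [_line("192.0.64.10", "POST", "/xmlrpc.php")] * 4
    + [_line("203.0.113.7", "POST", "/wp-login.php")] * 4
    + [_line("198.51.100.23", "POST", "/wp-login.php"),
       _line("198.51.100.24", "GET", "/wp-login.php?redirect_to=%2Fshop"),
       _line("198.51.100.25", "GET", "/product/example-toy/"),
       "garbage line that is not a log entry"]
)

def is_allowed(ip, path):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:  # hostname or malformed field: treat as not allowlisted
        return False
    return any(addr in net for net in ALLOW.get(path, []))

def top_offenders(log_text, min_hits=3, min_share=0.5):
    """Return (ip, path, hits, share) for IPs that dominate a watched path."""
    per_path = {p: Counter() for p in WATCHED}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not log entries
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if path in per_path and not is_allowed(m["ip"], path):
            per_path[path][m["ip"]] += 1
    flagged = []
    for path, counts in per_path.items():
        total = sum(counts.values())
        for ip, hits in counts.most_common():
            if hits >= min_hits and hits / total >= min_share:
                flagged.append((ip, path, hits, round(hits / total, 2)))
    return flagged

if __name__ == "__main__":
    for row in top_offenders(SAMPLE_LOG):
        print(row)
```

The flagged addresses are candidates for the WAF restriction rule; tune `min_hits` and `min_share` to the site's normal traffic before acting on them.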

You could increase your site’s Security Level, from the dashboard go to Firewall -> Settings -> Security Level -> I’m under attack!

This will force a JavaScript challenge at least to all of your customers.

Or you could use Cloudflare’s rate-limiting feature in Firewall -> Tools.

You could check the reply I set here: CloudFlare Still Lets in A HUGE Amount of Bot Traffic
If you want a proper anti-bot system that stops these kinds of bots that automatically purchase items, etc., you need an extra layer on top of Cloudflare.
Or enable CAPTCHA for all visitors for as long as the sale lasts.
