Bot(s) bypassing Cloudflare

We have the CF DDOS toll on as well as reCaptcha but we’re being invaded.

My host confirms there are bots that are bypassing CF - I have an email into my security expert but he’s in Europe so he’s probably sleeping.

Anyone else ever seen this?

Did you both checked your origin host/server log files?

How about Firewall Events at Cloudflare dashboard?

Well, not all in the EU go to sleep at the same time :wink:

Are all the needed hostnames proxied and set to :orange:?
Is the origin host/server used for multiple services, for example web server + e-mail or?

You could allow only Cloudflare IP ranges to access your ports (like 80, 443):

Furthermore, using Cloudflare Tunnel you can restrict things even more.

May I just add an useful article here:

Furthermore, may I suggest below articles:

2 Likes

We are going to need more information. How are the bots bypassing CF affecting your services? Is the DDoS causing your site to be unavailable? Is it affecting your ad revenue…? etc

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.