Bypass Captcha challenge

We are under heavy ddos attack.
We Enable the Under Attack mode but it doesn’t help us . After that we apply a rule to show captcha challenge to all users but It seems the attackers bypass the captcha challenge . All requests reach to origin server . I dont have any idea how could they , bypass captcha challenge .

Our IP server has not been leaked . We blocked all IPs exclude to cloudflare IPs

I’d recommend contacting Cloudflare support.

Do you know which host is under attack specifically?

Yes we Know

If it’s an HTTP-based attack, did you check the hostname / domain? Maybe they are targetting a different domain with the same host.

Yes Its an Http base attack . I didint understand. We have dedicated server that just serve to one domain .

In theory, someone probably could set up his own domain on Cloudflare and therefore bypass your IP blocks, as you’re allowing Cloudflare’s IPs. You would need to keep the IP totally secret and I’d recommend setting up your server to not respond to requests of other domains.

If it’s your domain that is attacked and the challenges are bypassed, that’s a different issue and I’d recommend contacting Cloudflare support.

Yes our domain is under attack . we contact to cloudflare support

1 Like

Those requests should die at a properly configured server because they don’t match the host name. If it’s a single domain, they can also set up Authenticated Origin Pulls.

1 Like

While it is very odd that an attack solves the Captcha challenge, it’s something that can happen. The only option in those scenarios is to lock down your site and add rate limit, you said you have a dedicated server, chances are that even if the attack is not fully mitigated with this rules, it will hold the website online at least, with a proper and optimized setup.

Unfortunately there is not much more that can be done, HTTP/s attacks that reach this complexity also require a much more complicated firewall and human management, chances are that you may want to upgrade to enterprise and discuss if the Cloudflare team is willing to help you with this.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.