Cache doesn't seem to prevent direct hits

We have a page rule on https://naisma.org/ to Cache Everything, Edge Cache TTL: 2 hours. Our server just crashed from about 60 hits to the homepage. All but 1 came through Cloudflare.

Source IPs:
54 162.158.166.6
7 162.158.166.204
1 63.143.42.248

So my questions are:

  • when everything is cached, why is the server getting hit at all for the homepage?
  • should the 63.143.42.248 address be ignored since it only hits 1 time, or should that be the focus since it somehow seems to hit the server directly? The other addresses are Cloudflare.

Caching doesn’t protect your site from attack, if you think your site is under attack change security level to “High” or “I’m Under Attack!”. Otherwise, may I ask what the issue is and what happens and the page it shows when crashing, also how can I regenerate the error?

The issue is that server crashed and the logs show a high number hits (60 or so) for 1-3 minutes. It only happens once or twice a week, so I don’t want to make all visitors go through a higher security level or setting I’m Under Attack all the time. I don’t know how to regenerate it because I’m not sure how it’s happening.

What is your security level?

It’s medium

60 Hits is not really much. So you should start there and look in your Logs why the Server is crashing with this few Hits.

  1. The Cache is not global. Every Cloudflare Datacenter has it own Cache. When you get a visitor from
    2 different Regions and the Colos in these Regions dont have your Site in Cache yet, you get 2 Hits.
  2. Each Cloudflare Datacenter can delete your Site from its cache at every Moment to make Room for higher Traffic Sites. So even when a Colo has your Site in Cache it can happen at anytime that this Colo needs to refetch your Site
1 Like

What’s the URL?

He already wrote his URL in his starting Post of the Thread ^^

1 Like

Okay, that makes sense, but it still seems like there’s something that isn’t right.

the url is naisma.org

When you think this is bad you can block every Request that isnt coming from Cloudflare. Just make sure you dont block yourself out from your Server.

Here you can see the IP-Ranges: IP Ranges | Cloudflare

When i visit your Site the First Visit is slow and the Second Visit is fast and i get a HIT for the Requests.
So Everything seems to Work. But you still need to figure out why your Server crashes so fast, but for that you need to investigate your Serverlogs

okay, thanks for taking a look

There are a few things to consider. A site that colapses under 60 requests in a few minutes is not hosted on a good platform - perhaps check if you can optimise it. A static site shouldn’t have this kind of problem unless it is on a very under-spec server. A dynamic site (script pages, database access, etc) would need a more robust server.

Having said that, the very first thing you can do is add a firewall rule (on your hosting provider, or at least on your server) and block access to any IP address that is not in the list here IP Ranges | Cloudflare

You will see all requests coming from Cloudfare - this is not to worry, as Cloudflare will be proxying requests on your behalf.