Can Cloudflare offer DDOS protection for my web based API?


I am working with an ASP.NET web based API exclusively using GET requests to return data to mobile apps. Does Cloudflare offer a way to protect from DDOS attacks while at the same time not hindering legitimate traffic?

[just asking] 600k request and cloudflare is down?

yes, they have tools against layer 7 attacks

1 Like

Is there any available documentation about these?


there is document for each of the tools like:

  • rate limiting
  • I am under attack mode(not working with api routes)
  • firewall rules
  • IP Access Rules
  • User Agent Blocking
  • full html caching
  • worker
  • countries based rules

there is a also probably a way for cloudflare to help you make rules against attacks but I don’t know in which plan is available and how

my 2 cents about layer 7 attacks is if your infrastructure not scalable and your content is not 100% cacheable than you cant really 100% protect it

DDOS attacked despite using cloudflare
DDOS attacked despite using cloudflare

There are many free features available to mitigate and stop an attack; the Firewall Rules, for instance, is a pretty powerful feature and can be highly effective when properly set.

This support page lists several steps you can and should do to protect your site in case of a DDoS attack. Read it carefully, as some features require paid plans.

1 Like
closed #6

This topic was automatically closed after 31 days. New replies are no longer allowed.