Can cloudflare protect against manual (DOS) attacks?

It’s not single click solution.
May I ask if you’ve tried yourself something already or not?
Are you using Free or paid plan type for your zone?

Article mentioned at my above post about manual DDoS mitigation contains quite a lot of usefull things to configure and try out.

If that’s the case, I’d rather cache that particular HTML document at the origin host, therefrom set the HTTP cache-control headers.
Or even at Cloudflare to cache that resource type (HTML) for at least 5-10mins if it doesn’t change frequently or even longer 1h or a day.

For the other resources, I’d set cache to a month.

I’d also consider using Transform Rule(s) or Page Rule to redirec those kind of requests to the cached resource and strip out the parts of the URL, to not get “cache busted” if they add query with parameters into the URL for particular resource(s).

If you’re on a Free plan, count and see how much requests your visitor of your Website needs to download from the Developer Tools (F12) → Network from your domain.com.

slika

E.g. 120-150 threshold, if more than that in 10 seconds, block.

Consider blocking known ASNs via IP Access Rules, block TOR users, HTTP/1.0, empty user-agent, etc., configure other settings to play for you, not agains while using Cloudflare. They’re available via :search: of these forums.

Test, test, test and you’d get a solution for your case. No single-click, no silver bullet working for everyone.

1 Like