Someone is using cloudflares DNS service to point 4 domains at our server. If you look up any of these domains you can see they use cloudflares DNS. They are sending 100s attacks a minute all using cloudflares IP address
What steps have you taken to resolve the issue?
We cannot block 100s of IPs attacking our server from misusing cloudflares dns service. CLOUDFLARE needs to block these domains from using their service. This has been going on for a month and cloudflares support and service has been awful. i don’t know why anyone would use cloudflare when they can’t fix their own issues.
What feature, service or problem is this related to?
Someone is using cloudflares DNS service to point 4 domains at our server. If you look up any of these domains you can see they use cloudflares DNS. They are sending 100s attacks a minute all using cloudflares IP address What steps have you taken to resolve the issue?
What is the error message?
We cannot block 100s of IPs attacking our server from misusing cloudflares dns service. CLOUDFLARE needs to block these domains from using their service. This has been going on for a month and cloudflares support and service has been awful. i don’t know why anyone would use cloudflare when they can’t fix their own issues. What feature, service or problem is this related to?
What is the issue you’re encountering
We cannot block 100s of IPs attacking our server from misusing cloudflares dns service. CLOUDFLARE needs to block these domains from using their service. This has been going on for a month and cloudflares support and service has been awful. i don’t know why anyone would use cloudflare when they can’t fix their own issues. What feature, service or problem is this related to?
If you think those domains are pointed at your server IP address maliciously, you can report here… https://abuse.cloudflare.com
Do you use Cloudflare yourself? If not, then you can block the requests at your firewall for these IP addresses…
If you do use Cloudflare for your site then…
restore visitor IPs so you can see the real source IP address of the clients at your origin
consider using a random IPv6 address from a /64 block for your origin instead of IPv4 or any IP addresses that were previously public so your origin IP address is hard to find
use Authenticated Origin Pull with your own certificate so only requests from your own zone on Cloudflare will be accepted by your origin
We cannot block those IPs or we block our clients legitimate cloudflare dns accounts. We have many clients that use cloudflare dns services. Blocking those ips would prevent our clients websites from displaying. (we already tried this).
I am instructing all my clients to stop using cloudflare since cloudflare cannot control their services from being abused.
Please take the time to read the two documentation guides that @sjr linked. Both are important steps that will help you secure your server. For the authenticated origin pulls, it could be worth using individual self-generated certificates for additional protection.