Cloudflare does not stop the bad people?


#1

Hello!

We enabled Cloudflare today and the “bad guys” are still trying SQLinjections from the philippines and Russia etc towards our site.
Isn’t cloudflare supposed to protect us against this or what is the point using your service?
The problem now is that we can’t stop them since they have CloudFlare IPnumbers (different all the time) and there is no way to block them.

How do we protect ourself from these guys trying to hack our site if not routing through Cloudflare is an option? We have now disabled the routing through your servers to be able to stop them since now we get their real IPadress and blocked them manually ourselves.

Please advice!
/Fredrik and Per


#2

Pro Plans get the WAF (Web Application Firewall), which is pretty good at filtering specific attacks. Free plans get DDoS.

You’re seeing Cloudflare IP addresses because it’s a reverse proxy. You need to configure your server to restore Visitor IP addresses:


#3

Even though we get the original IPadress, there wont be any difference to what we already had before we enabled Cloudflare. Why does not Cloudflare filter out the bad guys?
We have business plan.


#4

Did u enabled WAF (both cloudflare waf + OWASP)? and your dns showing orange in dns for the zone which is getting attacked?


#5

There was very very hard to find that, but I’ve googled and found the “web”-part in the firewall so now I can enable the features. Thanks