We have been getting these carding attacks for 3 days now. We see 1000+ $0.00 authorizations in PayPal and we do not want to get banned. Moved to Cloudflare 2 days ago; I opened a ticket and they did not reply for 21 hours. Then I upgraded to the Business Plan and they replied within 30 mins. I asked a question and then no show. I jumped into chat and this lady was in a crazy rush.

She helped me make a rule and said it’d fix everything, but nada! Then she went aggressive on the rules and she pretty much selected everything, including Google bots and all, to block. I figured I do not want to get banned, so I did it. She also helped me create a cache rule.

Now all of a sudden, we are getting calls that many customers cannot check out anymore. THEN EVEN WORSE! They are seeing different people's accounts (CACHE RULES SHE SET).

This has been the worst nightmare!

I was wondering if someone can help me set up something to fight against this carding issue. I tried DDOS, Rate Limiting, blocking all countries but US and Canada for the time being, but nothing helped! I was told in the first ticket that I can make it in a way where traffic only goes through Cloudflare, but the lady in chat would NEVER tell me how (I asked her 3 times, literally!).

I look forward to hearing from one of you guys!

Thanks in advance

You can do this by setting the firewall on your server to only allow IP addresses from
If you don’t know how to configure your server’s firewall, you will have to ask your host.

Does this come from a checkout page on your site? If so, you may want to add a CAPTCHA Challenge Firewall Rule to that page with a rule similar to this:
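
For the origin-firewall suggestion in the reply above (accept web traffic only from the proxy's address ranges), here is an added example that is not part of the thread and is not the CAPTCHA rule just mentioned. It turns a range list into an nftables ruleset; the table and set names, the ports, and the sample ranges (documentation addresses, constructed) are assumptions, and the real list has to come from Cloudflare's published ranges.

```python
import ipaddress

WEB_PORTS = (80, 443)  # assumption: the origin serves HTTP/HTTPS on these ports

# Constructed sample: documentation ranges, NOT real proxy addresses.
SAMPLE = """\
192.0.2.0/24
198.51.100.0/25
198.51.100.128/25   # adjacent to the line above; collapsed into one /24
2001:db8:100::/48
"""

def parse_ranges(lines):
    """Validate a range list and return (ipv4_networks, ipv6_networks)."""
    v4, v6 = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        # strict=True rejects typos such as 192.0.2.1/24 (host bits set)
        net = ipaddress.ip_network(entry, strict=True)
        if net.prefixlen == 0:
            raise ValueError(f"{entry} matches every address and defeats the allowlist")
        (v4 if net.version == 4 else v6).append(net)
    if not v4 and not v6:
        raise ValueError("empty range list: the ruleset would drop all web traffic")
    # overlapping entries in an nftables interval set can be rejected on load, so merge first
    return list(ipaddress.collapse_addresses(v4)), list(ipaddress.collapse_addresses(v6))

def render_nft(v4, v6, ports=WEB_PORTS):
    """Render a ruleset that filters only the web ports; SSH etc. are untouched."""
    dport = "tcp dport { " + ", ".join(map(str, ports)) + " }"
    out = ["table inet origin_lockdown {"]
    for name, kind, nets in (("proxy_v4", "ipv4_addr", v4), ("proxy_v6", "ipv6_addr", v6)):
        if nets:
            elems = ", ".join(map(str, nets))
            out.append(f"  set {name} {{ type {kind}; flags interval; elements = {{ {elems} }} }}")
    out += ["  chain input {", "    type filter hook input priority 0; policy accept;"]
    if v4:
        out.append(f"    {dport} ip saddr @proxy_v4 accept")
    if v6:
        out.append(f"    {dport} ip6 saddr @proxy_v6 accept")
    # anything else reaching the web ports bypassed the proxy: drop it
    out += [f"    {dport} drop", "  }", "}"]
    return "\n".join(out)

if __name__ == "__main__":
    print(render_nft(*parse_ranges(SAMPLE.splitlines())))
```

Load the output with `nft -f` from a session that does not depend on ports 80/443, and regenerate it whenever the published ranges change.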

