Cloudflare just stopped, (almost) automatically, a big attack against our company

The attack started at 4 AM and its still ongoing now (I’m tuning the rules a bit, they seem to be changing patterns but the automated protection is doing a major part of the mitigation).



Its VERY well distributed.

Thats a lot of requests! Sit back and let Gatebot do the work :sunglasses:

4 Likes

Is your site still responding to legit requests like normal or are you seeing some impact?

It is doing an awesome job actually! I only had to add rules for “leftovers”.


Approximately 87% of the attack was automatically mitigated

2 Likes

I managed to find a common pattern for the attack, legit visitors do not even get to see a 5s screen currently. However, when I was still inspecting the behavior, legitimate visitors had to face a 5s screen or captcha.

2 Likes

Here is the bot protection verdict on those requests:


Unfortunately we can’t tune it, but had bot management allowed me to whitelist a bunch of IPs and maybe, the whole attack would have of been mitigated without any human interaction.

1 Like

The attackers seem to have given up on attacking the website, they are targeting our servers now but we got that covered as well.

1 Like

Someone’s really crashing your cake day party. Good thing you hired a :orange: bouncer at the door.

Screen Shot 2021-07-07 at 6.58.33 AM

5 Likes

They are even doing a follow-up now! The party never ends for these people hah. This time 70% was automatically mitigated and 30% was thanks to some of the firewall rules I deployed earlier.

The attack pattern changed but it’s still slightly similar.

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.