My website has been under attack for several days and it goes down all of the time. I put up Cloudflare when I first launched it, and it has worked wonders-- until now. This attack is going right through Cloudflare (and yes, I can verify it is not going straight to the server IP address, Cloudflare doesn’t usually have over 30M requests in a day for my site).
Does anyone have ANY idea on how to fix it or what is happening? And any way I can get Cloudflare to do its job and actually prevent this attack?
I’ve rate limited with Nginx and sent out an empty 429 response, and fixed up PHP to where it shouldn’t overload with all of the requests, but it’s still happening.
Make sure your firewall is set up to only allow connections from the CF IPs - https://Cloudflare.com/ips - you could also try authenticated origin pulls.
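An added example, not part of the original thread: one way to check whether any requests reach the origin without passing through Cloudflare, and to turn the published ranges into origin firewall rules. The range subset, the log lines and the function names are constructed for illustration, and the log is assumed to record the TCP peer address as its first field.

```python
import ipaddress
from collections import Counter

# Illustrative subset only; load the current list from the Cloudflare IPs page.
SAMPLE_CF_RANGES = ["173.245.48.0/20", "104.16.0.0/13", "2606:4700::/32"]

# Constructed access-log lines (assumption: first field is the TCP peer address).
SAMPLE_LOG = """\
104.16.5.9 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /login.php HTTP/1.1" 429 0
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /login.php HTTP/1.1" 429 0
2606:4700:10::1 - - [01/Jan/2024:10:00:02 +0000] "GET / HTTP/1.1" 200 512
not-an-ip - - [01/Jan/2024:10:00:03 +0000] "GET / HTTP/1.1" 400 0
"""

def parse_ranges(cidrs):
    """Parse CIDR strings into network objects, skipping blank entries."""
    return [ipaddress.ip_network(c.strip()) for c in cidrs if c.strip()]

def is_proxy_peer(addr, networks):
    """True if addr falls inside one of the allowed proxy ranges."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on garbage
    return any(ip.version == n.version and ip in n for n in networks)

def direct_hits(log_text, networks):
    """Count requests per peer that did not come from the proxy ranges."""
    hits = Counter()
    for line in log_text.splitlines():
        peer = line.split(" ", 1)[0]
        try:
            if not is_proxy_peer(peer, networks):
                hits[peer] += 1
        except ValueError:
            hits["<unparsed>"] += 1  # keep malformed lines visible
    return hits

def firewall_rules(networks, ports="80,443"):
    """Emit iptables/ip6tables commands: accept proxy ranges, drop the rest."""
    match = f"-A INPUT -p tcp -m multiport --dports {ports}"
    tool = {4: "iptables", 6: "ip6tables"}
    rules = [f"{tool[n.version]} {match} -s {n} -j ACCEPT" for n in networks]
    return rules + [f"{t} {match} -j DROP" for t in tool.values()]

if __name__ == "__main__":
    nets = parse_ranges(SAMPLE_CF_RANGES)
    print(dict(direct_hits(SAMPLE_LOG, nets)))
    print("\n".join(firewall_rules(nets)))
```

If Nginx rewrites the client address from a forwarded header, log the original peer address separately, since this check is only meaningful on the address that actually opened the connection.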
It sounds like you’re doing quite a bit to mitigate it, but the DDoS is still happening. Those are really tough to defend against, and Cloudflare doesn’t have a magic bullet to make DDoS go away. Just a bunch of options. Here are some suggestions:
There are many topics regarding layer 7 DDoS attacks. Like you noticed, Cloudflare doesn’t automatically block these attacks, but it has a lot of rules to help you block them:
rate limiting
I’m Under Attack mode (not working with API routes)