DDoS Attack Bypassing Cloudflare


My website has been under attack for several days and it goes down all of the time. I put up Cloudflare when I first launched it, and it has worked wonders-- until now. This attack is going right through Cloudflare (and yes, I can verify it is not going straight to the server IP address, Cloudflare doesn’t usually have over 30M requests in a day for my site).

Does anyone have ANY idea on how to fix it or what is happening? And any way I can get Cloudflare to do its job and actually prevent this attack?

I’ve rate limited with Nginx and sent out an empty 429 response and fixed up PHP to where it shouldn’t overload when all of the requests but yet it’s still happening.

Make sure your firewall is set up to only allow connections from the CF IPs - IP Ranges - you could also try authenticated origin pulls



It sounds like you’re doing quite a bit to mitigate it, but the DDoS is still happening. Those are really tough to defend against, and Cloudflare doesn’t have a magic bullet to make DDoS go away. Just a bunch of options. Here are some suggestions:


Is there any pattern in the attack which can be blocked using Cloudflare rules? Can you share logs of those attacks?

There are many topics regarding layer 7 DDoS attacks. Like you noticed, Cloudflare doesn’t automatically block these attacks, but it has a lot of rules to help you block them:

  • rate limiting
  • I am under attack mode (not working with API routes)
  • firewall rules
  • IP Access Rules
  • User Agent Blocking
  • full HTML caching
  • worker
  • country-based rules

You can search for more discussions about it.
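
One way to look for the kind of blockable pattern asked about in this thread, as an added example that is not part of any poster's reply: it tallies origin access-log lines and reports which path or user agent dominates the traffic. It assumes nginx's `combined` log format with the visitor IP in the first field; the sample lines are constructed and `dominant_values` is a hypothetical helper name.

```python
import re
from collections import Counter

# nginx "combined" log format (assumption; adapt the regex to your own log_format).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample: six flood requests from different documentation-range IPs
# with random query strings, plus two ordinary browser requests.
SAMPLE_LOG = [
    f'203.0.113.{i} - - [01/Jan/2024:00:00:0{i} +0000] '
    f'"GET /login.php?r={i * 7919} HTTP/1.1" 429 0 "-" "python-requests/2.31.0"'
    for i in range(1, 7)
] + [
    '198.51.100.7 - - [01/Jan/2024:00:00:08 +0000] "GET / HTTP/1.1" 200 5120 '
    '"-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [01/Jan/2024:00:00:09 +0000] "GET /about HTTP/1.1" 200 2048 '
    '"https://example.com/" "Mozilla/5.0 (X11; Linux x86_64)"',
]

def dominant_values(lines, threshold=0.5):
    """Return {field: (value, share)} for each field where a single value
    accounts for at least `threshold` of all parsed requests."""
    counts = {field: Counter() for field in ("ip", "path", "ua")}
    total = 0
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:
            continue  # skip lines that are not in the assumed format
        total += 1
        counts["ip"][m["ip"]] += 1
        # Drop the query string so random cache-busting parameters collapse
        # onto the one path that is actually being hit.
        counts["path"][m["path"].split("?", 1)[0]] += 1
        counts["ua"][m["ua"]] += 1
    result = {}
    for field, counter in counts.items():
        if not counter:
            continue  # nothing parsed, so nothing to report
        value, hits = counter.most_common(1)[0]
        if hits / total >= threshold:
            result[field] = (value, hits / total)
    return result

if __name__ == "__main__":
    for field, (value, share) in dominant_values(SAMPLE_LOG).items():
        print(f"{field}: {value!r} is {share:.0%} of requests")
```

A field that shows up here (a single path or user agent) is a candidate for a firewall rule or User Agent Blocking rule; when no field dominates, rate limiting or a challenge mode is the more likely fit.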

