Hello,
I have a website that is completely through Cloudflare.
My website is receiving DDoS attacks and is not fully accessible with Cloudflare. My site is receiving the error: max_user_connection. I increased max_user_connection on my server.
This is an attack with many users and Cloudflare does not see it and enters directly into my site and crashes. What can I do in this case?
Thank you.
Take a look at the DDoS documentation - i.e https://developers.cloudflare.com/ddos-protection/managed-rulesets/adjust-rules/false-negative/#incomplete-mitigations
You’ll see any requests that Cloudflare thinks are malicious in https://dash.cloudflare.com/?to=/:account/:zone/security
These two guides are also good resources:
This guide is for those users of Cloudflare who experience medium-high level complexity DDoS attacks.
Continue reading if you want to accomplish the following:
Becoming more familiar with the Cloudflare Dashboard and crafting custom firewall rules.
Understanding the standard behavior of DDoS attacks and deploying effective firewall rules.
Realizing how powerful and valuable Cloudflare Firewall Rules are.
I initially thought of making a more complex guide (I will). However, I realized that no…
If the steps above don’t work or are hard to follow, refer to this:
I need help mitigating an attack
Some attacks can be tough to mitigate, both support and the community are prepared to help you. To speed up this process, I suggest that you provide this information before opening a post or a support ticket:
Unique visitors visiting your site during the attack:
Unique visitors that normally visit your site:
Percent cached:
Firewall Events overview: (Image)
Firewall Top events by source:
Activity log: (Image of at least five random examples with status BLOCK , CHALLENGE or CAPTCHA )
Current plan of Cloudflare:
UAM enabled: [y/n]
Custom firewall rules deployed (if any):