DDOS attack prevention when on CNAME setup

Recently I have had a customer who has been under a heavy layer 7 HTTP DDOS attack. This customer is on a CNAME setup. Would a full conversion of the account (where the DNS service is controlled by Cloudflare) have prevented this?

I am unfortunately not too familiar with the CNAME setup but assuming everything still routes through Cloudflare, and the attack did not target the server directly, I would not think you’d get a significant advantage by going for a full account.

Can you rule out they went straight for the origin?

1 Like

They went through Cloudflare. We have a CNAME setup, where the DNS is hosted elsewhere, but they hit the origin through our Cloudflare Loadbalancer. Maybe the conversion to a full account wouldn’t have helped us.

Thank you for your help.

It shouldnt matter where the DNS is hosted. If they go through Cloudflare and arent stopped there they will naturally hit the origin, but the question simply is whether they hit the origin directly or not. If they did you’d need to ensure they cant do that in the future. If they didnt you probably need to adjust your security settings on Cloudflare.

From how it seems I dont think a “proper” account would have made much of a difference but maybe someone with more insight on CNAME setups could provide better feedback.

This topic was automatically closed after 14 days. New replies are no longer allowed.