DDoS Attacks Persist Despite WAF Rules – Seeking Guidance

What is the name of the domain?

gigclickers.com

What is the issue you’re encountering

I’m currently facing an issue with persistent DDoS attacks targeting one of my client’s domains. While I’m using Cloudflare and have implemented WAF rules to block multiple ASNs, such as 60729 (TORSERVERS-NET), the attacks from these ASNs continue to come through. I’m seeking advice on how to completely eliminate attacks from blocked ASNs or any other strategies that might strengthen my mitigation efforts. Has anyone faced a similar situation or have suggestions on how to handle this effectively?

What steps have you taken to resolve the issue?

Setup WAF Rules.

May I ask if you’re using a free or paid plan? :thinking:

Once you’ve spot them, continue and keep blocking them further just in case :+1:

One good post about this:

Nevertheless, consider blocking some of the known “bad user-agents”, “crawlers” or “bad ASNs” using below posts: