Ddos http post/get

Security
#1

Hello
i have enable CF on my website https://jeffpronosports.com/ with JS captcha to avoid bot but i still have, bots making POST/Get on my website
See attached logs

Screenshot_18
Screenshot_181706×994 1.01 MB

How they can still flood while i have cloudflare enable with under attack mode enable

I also see, i have some IP displayed on my log file but not mentionned on the firewall?
For example 144.168.241.236 is from GERMANY while i have ban ALL country EXEPCT FRANCE with (ip.geoip.country ne “FR”)
into firewall CF seetings…

Screenshot_21
Screenshot_211923×638 243 KB

#2

JS isn’t CAPTCHA. If it’s “Under Attack” mode, then it’s a JS challenge. And it’s not perfect.

It looks like they’re targeting your contact and register pages. I’d turn off Under Attack mode and use a Firewall Rule so if URI Path contains register OR URI Path contains contact, then CAPTCHA Challenge.

Remember that it’s possible that attacker(s) can bypass Cloudflare and directly target by your server’s IP address. That’s why it’s always good to firewall off any requests that do not come from cloudflare.com/ips